216.73.217.64

CVE-2025-4530

· Published 11/05/2025 05:15 · Modified 11/05/2025 05:15

Labels: CVE-2025-4530 2025-05-11CVE-2025-4530CWE-22[email protected]

Essential information

Published
11/05/2025 05:15
Modified
11/05/2025 05:15
Author
Creator
CVSS
5.3 MEDIUM (v3) 5.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
feng ha ha / megagao ssm-erp cpe:2.3:a:feng_ha_ha:megagao_ssm-erp:1.0:*:*:*:*:*:*:*
feng ha ha / production ssm cpe:2.3:a:feng_ha_ha:production_ssm:1.0:*:*:*:*:*:*:*

References