216.73.217.64

CVE-2025-59872

· Published 17/06/2026 15:19 · Author: The MITRE Corporation

Labels: CVE-2025-59872 2026-06-17CVE-2025-59872CWE-209[email protected]

Essential information

Published
17/06/2026 15:19
Modified
Author
The MITRE Corporation
Creator
The MITRE Corporation
CVSS
4.3 MEDIUM (v3.1)
CISA KEV
No
CWE
CWE-209
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

CVSS metrics

Description

HCL ZIE for Web is affetced by an Unrestricted File Upload vulnerability, If the server is configured to execute code, then it may be possible to obtain command execution on the server by uploading a file known as a web shell, which allows you to execute arbitrary code or operating system commands. For this attack to be successful, the file needs to be uploaded inside the Webroot, and the server must be configured to execute the code

NVD status

NVD
View on NVD