← Zuruck zu CVEs
CVE-2025-11020
HIGH8.8
Beschreibung
An attacker can obtain server information using Path Traversal vulnerability to conduct SQL Injection, which possibly exploits Unrestricted Upload of File with Dangerous Type vulnerability in MarkAny SafePC Enterprise on Windows, Linux.This issue affects SafePC Enterprise: V7.0.* (V7.0.YYYY.MM.DD) before V7.0.1, and V5.*.*.
CVE Details
CVSS v3.1 Bewertung8.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorADJACENT_NETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht10/2/2025
Zuletzt geandert10/2/2025
Quellenvd
Honeypot-Sichtungen0
Schwachen (CWE)
CWE-22CWE-89CWE-434
Referenzen
https://www.markany.com/enterprisesecurity?utm_campaign=markany_sa&utm_source=google_pc&utm_medium=gsa_pc&utm_term=cybersecurity&utm_content=&gad_source=1&gad_campaignid=21853187406&gbraid=0AAAAADOrb0lM8ZHyDytvnVwj9T--km9aM&gclid=Cj0KCQjwovPGBhDxARIsAFhgkwSh0F9hnsAoRTS8OnFI3KcF4_UMarYchq0uP5V1DiSQyKKVLdZPJNYaAiBuEALw_wcB(09832df1-09c1-45b4-8a85-16c601d30feb)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.