CVE-2025-13771

High CVSS: 7.1

WebITR developed by Uniong has an Arbitrary File Read vulnerability, allowing authenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

Vendor

Uniong

Product

Webitr

CWE

CWE-23

Yayın Tarihi

2025-11-28 08:15:54

Güncelleme

2025-12-01 14:23:55

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-23 Webitr HIGH Uniong 2025

Referanslar

https://www.twcert.org.tw/en/cp-139-10539-21f45-2.html https://www.twcert.org.tw/tw/cp-132-10538-6a26d-1.html

Benzer Kayıtlar

High

CVE-2025-13769

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrar…

High

CVE-2025-13770

WebITR developed by Uniong has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrar…

High

CVE-2025-13768

WebITR developed by Uniong has an Authentication Bypass vulnerability, allowing authenticated remote attackers to log in…

High

CVE-2025-9255

WebITR developed by Uniong has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitr…

High

CVE-2025-9256

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privilege…

High

CVE-2025-9257

WebITR developed by Uniong has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privilege…