CVE-2025-15237

Medium CVSS: 5.3

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticated remote attackers to read folder names under the specified path by exploiting an Absolute Path Traversal vulnerability.

Vendor

Quantatw

Product

Qoca Aim

CWE

CWE-36

Yayın Tarihi

2026-01-05 08:15:57

Güncelleme

2026-01-20 21:14:55

Source Identifier

twcert@cert.org.tw

KEV Date Added

Kategoriler

CWE-36 Qoca Aim MEDIUM Quantatw 2026

Referanslar

https://www.twcert.org.tw/en/cp-139-10616-cd942-2.html https://www.twcert.org.tw/tw/cp-132-10615-157a3-1.html

Benzer Kayıtlar

High

CVE-2025-15239

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticate…

High

CVE-2025-15240

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an Arbitrary File Upload vulnerability, allowing aut…

High

CVE-2025-15235

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Missing Authorization vulnerability, allowing auth…

Medium

CVE-2025-15236

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a Path Traversal vulnerability, allowing authenticat…

High

CVE-2025-15238

QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a SQL Injection vulnerability, allowing authenticate…