← volver
CVE-2025-10398

fcba_zzm ics-park Smart Park Management System FileUploadUtils.java unrestricted upload

CVSS 5.3 MEDIUMEPSS 0.3%CWE-284CWE-434
A security flaw has been discovered in fcba_zzm ics-park Smart Park Management System 2.0. This vulnerability affects unknown code of the file FileUploadUtils.java. The manipulation of the argument File results in unrestricted upload. The attack can be launched remotely. The exploit has been released to the public and may be exploited.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P
Productos afectados
fcba_zzm · ics-park Smart Park Management System

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/Yyjccc/CVE/issues/2https://vuldb.com/?ctiid.323833https://vuldb.com/?id.323833https://vuldb.com/?submit.646303