CVE-2025-3686

misstt123 oasys show image path traversal

CVSS 5.3 MEDIUMEPSS 0.5%CWE-22

A vulnerability classified as problematic was found in misstt123 oasys 1.0. Affected by this vulnerability is the function image of the file /show. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Productos afectados

misstt123 · oasys

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://github.com/misstt123/oasys/issues/10 https://vuldb.com/?ctiid.304975 https://vuldb.com/?id.304975 https://vuldb.com/?submit.553372