CVE-2025-41428
CVE-2025-41428
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in TimeWorks 10.0 to 10.3. If exploited, arbitrary JSON files on the server may be viewed by a remote unauthenticated attacker.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Productos afectados
Keiyo System Co., LTD · TimeWorks¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →