CVE-2025-4377
Path traversal vulnerability in Sparx Pro Cloud Server WebEA webconfig in logview.php
Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server.
This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem.
Logview is accessible on Pro Cloud Server Configuration interface.
This issue affects Pro Cloud Server: earlier than 6.0.165.
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:N/SA:N
Productos afectados
Sparx Systems · Pro Cloud Server¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →