CVE-2025-14220

ORICO CD3510 File Upload path traversal

CVSS 5.3 MEDIUMEPSS 0.3%CWE-22

A security vulnerability has been detected in ORICO CD3510 1.9.12. This affects an unknown function of the component File Upload. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Produtos afetados

ORICO · CD3510

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://vuldb.com/?ctiid.334662 https://vuldb.com/?id.334662 https://vuldb.com/?submit.701302 https://www.notion.so/2b66cf4e528a8002aa39df57a71b105a