How severe is CVE-2025-1676?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2025-1676?

This is classified as CWE-77, which is a common weakness in software security.

CVE-2025-1676 - MEDIUM Severity | CVSS 6.3

Vulnerability Description

A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1. Affected by this vulnerability is the function pdf2swf of the file /pdf2swf. The manipulation of the argument file leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2016-9873

MEDIUM

CVSS:6.3(Medium)

EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability that could potentially be exploited by malicious users to compromise the affected system. An authentic...

CWE-772016

CVE-2017-12329

MEDIUM

CVSS:6.3(Medium)

A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulne...

CWE-772017

CVE-2017-12330

MEDIUM

CVSS:6.3(Medium)

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vulnerability is due to insufficient input validation ...

CWE-772017

CVE-2017-12335

MEDIUM

CVSS:6.3(Medium)

CWE-772017

CVE-2019-20702

MEDIUM

CVSS:6.3(Medium)

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.

CWE-772019

CVE-2019-20703

MEDIUM

CVSS:6.3(Medium)

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, and XR500 before 2.3.2.32.

CWE-772019