CVE-2025-2716

MEDIUM Year: 2025
CVSS v3 Score
2.7
Low
CVSS v2 Score
3.3
Low
Weakness Type
CWE-22
View all →

Vulnerability Description

A vulnerability classified as problematic was found in China Mobile P22g-CIac 1.0.00.488. This vulnerability affects unknown code of the component Samba Path Handler. The manipulation leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2016-1212

LOW
CVSS:2.7(Low)

Directory traversal vulnerability in futomi MP Form Mail CGI Professional Edition 3.2.3 and earlier allows remote authenticated administrators to read arbitrary files via unspecified vectors.

CWE-222016

CVE-2016-3972

LOW
CVSS:2.7(Low)

Directory traversal vulnerability in the dotTailLogServlet in dotCMS before 3.5.1 allows remote authenticated administrators to read arbitrary files via a .. (dot dot) in the fileName parameter.

CWE-222016

CVE-2018-16237

LOW
CVSS:2.7(Low)

An issue was discovered in damiCMS V6.0.1. There is Directory Traversal via '|' characters in the s parameter to admin.php, as demonstrated by an admin.php?s=Tpl/Add/id/c:|windows|win.ini URI.

CWE-222018

CVE-2019-9889

LOW
CVSS:2.7(Low)

In Vanilla before 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class. The issue results in a require call using a crafted type value, leading to Directory Traversal with...

CWE-222019

CVE-2020-10457

LOW
CVSS:2.7(Low)

Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST ...

CWE-222020

CVE-2020-10459

LOW
CVSS:2.7(Low)

Path Traversal in admin/assetmanager/assetmanager.php (vulnerable function saved in admin/assetmanager/functions.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to list the files that ...

CWE-222020