How severe is CVE-2025-4893?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.3 out of 10.

What type of vulnerability is CVE-2025-4893?

This is classified as CWE-22, which is a common weakness in software security.

CVE-2025-4893

MEDIUM Year: 2025

CVSS v3 Score

6.3

Medium

CVSS v2 Score

6.5

Medium

Weakness Type

CWE-22

View all →

Vulnerability Description

A vulnerability classified as critical has been found in jammy928 CoinExchange_CryptoExchange_Java up to 8adf508b996020d3efbeeb2473d7235bd01436fa. This affects the function uploadLocalImage of the file /CoinExchange_CryptoExchange_Java-master/00_framework/core/src/main/java/com/bizzan/bitrade/util/UploadFileUtil.java of the component File Upload Endpoint. The manipulation of the argument filename leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.

CVE-2016-7169

MEDIUM

CVSS:6.3(Medium)

Directory traversal vulnerability in the File_Upload_Upgrader class in wp-admin/includes/class-file-upload-upgrader.php in the upgrade package uploader in WordPress before 4.6.1 allows remote authenti...

CWE-222016

CVE-2017-9640

MEDIUM

CVSS:6.3(Medium)

A Path Traversal issue was discovered in Automated Logic Corporation (ALC) ALC WebCTRL, i-Vu, SiteScan Web prior to 6.5; ALC WebCTRL, SiteScan Web 6.1 and prior; ALC WebCTRL, i-Vu 6.0 and prior; ALC W...

CWE-222017

CVE-2020-10014

MEDIUM

CVSS:6.3(Medium)

A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to break out of its san...

CWE-222020

CVE-2022-46902

MEDIUM

CVSS:6.3(Medium)

An issue was discovered in Vocera Report Server and Voice Server 5.x through 5.8. There is a Path Traversal for an Unzip operation. The Vocera Report Console contains a websocket function that allows ...

CWE-222022

CVE-2023-42961

MEDIUM

CVSS:6.3(Medium)

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14, macOS Ventura 13.6, macOS Monterey 12.7. A sandbox...

CWE-222023

CVE-2024-23793

MEDIUM

CVSS:6.3(Medium)

The file upload feature in OTRS and ((OTRS)) Community Edition has a path traversal vulnerability. This issue permits authenticated agents or customer users to upload potentially harmful files to dire...

CWE-222024

CVE-2025-4893

Vulnerability Description

Related Vulnerabilities

CVE-2016-7169

CVE-2017-9640

CVE-2020-10014

CVE-2022-46902

CVE-2023-42961

CVE-2024-23793