CVE-2025-4377

Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server.

This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem.

Logview is accessible on Pro Cloud Server Configuration interface. 


This issue affects Pro Cloud Server: earlier than 6.0.165.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
UNKNOWN
---
NCSC-FICNA
---
---
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 23%
Common Weakness Enumeration
References
https://sparxsystems.com/products/procloudserver/6.1/