CVE-2025-51056
06.08.2025, 21:15
An unrestricted file upload vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to write to arbitrary filesystem paths by exploiting the insecure 'uploadPreviews()' custom function in '/api_vedo/colorways_preview', ultimately resulting in remote code execution (RCE).Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.
Common Weakness Enumeration