CVE-2025-5390

EUVD-2025-16569
A vulnerability, which was classified as critical, was found in JeeWMS up to 20250504. This affects the function filedeal of the file /systemController/filedeal.do of the component File Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.3 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
huayi-tecjeewms
𝑥
≤ 2025-05-04
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://gitee.com/erzhongxmu/JEEWMS/issues/IC5FNV
https://vuldb.com/?ctiid.310683
https://vuldb.com/?id.310683