CNNVD-202507-2550 Information

CNNVD ID

CNNVD-202507-2550

Related CVE

CVE-2025-7877

• CNNVD Published: 2025-07-20

Description (Chinese)

Metasoft MetaCRM是中国美特软件（Metasoft）公司的一款客户关系管理系统软件。 Metasoft MetaCRM 6.4.2及之前版本存在代码问题漏洞，该漏洞源于文件sendfile.jsp中参数File处理不当导致无限制上传。

Description (English)

Metasoft MetaCRM is a CRM software for MetaSoft. Metasoft MetaCRM 6.4.2 and previous versions had a code problem loophole, which stemmed from the fact that File, the parameter in the document sendfile.jsp, had been mistreated, resulting in unlimited uploading.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

美特软件

Published

2025-07-20

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.316991 https://github.com/FightingLzn9/vul/blob/main/MetaCRM6-Upload-4.md https://vuldb.com/?submit.611252 https://vuldb.com/?id.316991 https://access.redhat.com/security/cve/cve-2025-7877 https://nvd.nist.gov/vuln/detail/CVE-2025-7877