CNNVD-202507-2552 Information
Jul 20, 2025
cve
CNNVD ID
CNNVD-202507-2552
Related CVE
- CNNVD Published: 2025-07-20
Description (Chinese)
Metasoft MetaCRM是中国美特软件(Metasoft)公司的一款客户关系管理系统软件。 Metasoft MetaCRM 6.4.2及之前版本存在代码问题漏洞,该漏洞源于对文件mobileupload.jsp中参数File的错误操作导致任意文件上传。
Description (English)
Metasoft MetaCRM is a CRM software for MetaSoft. There is a code gap in Metasoft MetaCRM 6.4.2 and earlier versions, which stems from an error in the use of the parameter File in the Mobileupload.jsp, resulting in any upload of the document.
Hazard Level
High
Vulnerability Type
代码问题
Affected Vendor
美特软件
Published
2025-07-20
Last Modified
2026-02-24
References
https://vuldb.com/?id.316993 https://vuldb.com/?ctiid.316993 https://github.com/FightingLzn9/vul/blob/main/MetaCRM-Upload-6.md https://vuldb.com/?submit.611288 https://access.redhat.com/security/cve/cve-2025-7879 https://nvd.nist.gov/vuln/detail/CVE-2025-7879
Share on: