CNNVD-202507-809 Information

CNNVD ID

CNNVD-202507-809

Related CVE

CVE-2025-42970

• CNNVD Published: 2025-07-08

Description (Chinese)

SAP SAPCAR是德国思爱普（SAP）公司的一款用于压缩和/或解压缩 SAP 存档文件的实用程序。。 SAP SAPCAR存在路径遍历漏洞，该漏洞源于文件路径清理不当，可能导致目录遍历和文件覆盖。

Description (English)

SAP SAPCAR is a practical program for compressing and/or compressing SAP files. SAP SAPCAR has a loophole in its path, which arises from the inappropriate cleaning of the file path, which may lead to a directory being searched and document being covered.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

思爱普

Published

2025-07-08

Last Modified

2026-02-24

References

https://me.sap.com/notes/3595156 https://url.sap/sapsecuritypatchday

Patch

https://support.sap.com/en/my-support/knowledge-base/security-notes-news/july-2025.html