CNNVD-202508-763 Information

Aug 08, 2025 cve

CNNVD ID

CNNVD-202508-763

CVE-2025-8356

CNNVD Published: 2025-08-08

Description (Chinese)

Xerox FreeFlow Core是美国施乐（Xerox）公司的一款灵活易用的软件。 Xerox FreeFlow Core 8.0.4版本存在安全漏洞，该漏洞源于路径遍历问题，可能导致远程代码执行。

Description (English)

Xerox FreeFlow Core is a flexible and easy-to-use software for Xerox. There is a security loophole in Xerox FreeFlow Core version 8.4, which stems from a routing problem that may lead to remote code implementation.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

施乐

Published

2025-08-08

Last Modified

2026-02-24

References

https://securitydocs.business.xerox.com/wp-content/uploads/2025/08/Xerox-Security-Bulletin-025-013-for-Freeflow-Core-8.0.5.pdf https://horizon3.ai/attack-research/attack-blogs/from-support-ticket-to-zero-day/ https://nvd.nist.gov/vuln/detail/CVE-2025-8356

Patch

https://securitydocs.business.xerox.com/wp-content/uploads/2025/08/Xerox-Security-Bulletin-025-013-for-Freeflow-Core-8.0.5.pdf

Share on: