CNNVD-202508-931 Information

Aug 11, 2025 cve

CNNVD ID

CNNVD-202508-931

CVE-2025-8852

  • CNNVD Published: 2025-08-11

Description (Chinese)

WukongCRM是中国悟空(Wukong)公司的一个客户关系管理 (CRM) 系统。 WukongCRM 11.0版本存在安全漏洞,该漏洞源于文件/adminFile/upload导致通过错误消息泄露信息。

Description (English)

WukongCRM is a customer relationship management (CRM) system of Wukong, China. There is a security loophole in WukongCRM version 11.0, which originates from document/adminFile/upload resulting in the disclosure of information through false information.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

悟空

Published

2025-08-11

Last Modified

2026-02-24

References

https://vuldb.com/?submit.624693 https://vuldb.com/?id.319383 https://github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/issues/26 https://vuldb.com/?ctiid.319383 https://github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/issues/26#issue-3272864284 https://access.redhat.com/security/cve/cve-2025-8852

Patch

https://github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/tags

Share on: