CNNVD-202509-1098 Information

CNNVD ID

CNNVD-202509-1098

Related CVE

CVE-2025-5993

• CNNVD Published: 2025-09-08

Description (Chinese)

ITCube CRM是日本ITCube公司的一个客户关系管理系统。 ITCube CRM 2025.2及之前版本存在路径遍历漏洞，该漏洞源于fileName参数存在路径遍历漏洞，可能导致任意文件下载。

Description (English)

ITCube CRM is a customer relationship management system for ITCube in Japan. Technicalube CRM 2025.2 and previous versions have path-to-path loopholes that stem from the path-to-path loophole of the fileName parameter, which may result in any file download.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

ITCube

Published

2025-09-08

Last Modified

2026-02-24

References

https://cert.pl/posts/2025/07/CVE-2025-5993 https://itcube.pl/modul-crm