CNNVD-202509-1753 Information

CNNVD ID

CNNVD-202509-1753

Related CVE

CVE-2025-10273

• CNNVD Published: 2025-09-12

Description (Chinese)

erjinzhi 10OA是中国二进制（erjinzhi）公司的一款企业自动化系统。 erjinzhi 10OA 1.0版本存在安全漏洞，该漏洞源于对文件/view/file.aspx中参数File的错误操作，可能导致路径遍历。

Description (English)

erjinzhi 10OA is an enterprise automation system for the Chinese binary (erjinzhi) company. There is a security loophole in version 10OA 1.0 of erjinzhi, which stems from an error in the application of the parameter File in file/view/file.aspx, which could lead to a routing.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Erugo

Published

2025-09-12

Last Modified

2026-02-24

References

https://github.com/1276486/CVE/issues/8 https://vuldb.com/?ctiid.323643 https://vuldb.com/?id.323643 https://vuldb.com/?submit.643036 https://access.redhat.com/security/cve/cve-2025-10273