CNNVD-202509-3064 Information

CNNVD ID

CNNVD-202509-3064

Related CVE

CVE-2025-10709

• CNNVD Published: 2025-09-19

Description (Chinese)

Four-Faith Water Conservancy Informatization是中国四信（Four-Faith）公司的一个水利信息化系统。 Four-Faith Water Conservancy Informatization 1.0版本存在安全漏洞，该漏洞源于对文件/history/historyDownload.do中参数fileName的错误操作，可能导致路径遍历攻击。

Description (English)

Four-Faith Water Contracting Information is a hydro-information system of Four-Faith China. There is a security loophole in version 1.0 of Four-Faith Water Services Investment, which results from an error in the file/history/historyDownload.do parameter file name, which may lead to a path attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

四信

Published

2025-09-19

Last Modified

2026-02-24

References

https://github.com/Cstarplus/CVE/issues/5 https://vuldb.com/?ctiid.324997 https://vuldb.com/?id.324997 https://vuldb.com/?submit.644874 https://access.redhat.com/security/cve/cve-2025-10709