CNNVD-202509-3621 Information

Sep 22, 2025 cve

CNNVD ID

CNNVD-202509-3621

CVE-2025-10777

CNNVD Published: 2025-09-22

Description (Chinese)

JSC R7 R7-Office Document Server是俄罗斯JSC R7公司的一款办公软件。 JSC R7 R7-Office Document Server 20250820及之前版本存在路径遍历漏洞，该漏洞源于对文件/downloadas/中参数cmd的错误操作，可能导致路径遍历攻击。

Description (English)

JSC R7 R7-Office Document Server is an office software package for JSC R7 in Russia. JSC R7 R7-Office Document Server 202500820 and previous versions had a loophole, which stemmed from an error in the cmd of the file/downloadas/moderate, which could lead to a routing attack.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

Jspreadsheet

Published

2025-09-22

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.325133 https://vuldb.com/?id.325133 https://vuldb.com/?submit.638446

Share on: