CNNVD-202509-4065 Information

Sep 26, 2025 cve

CNNVD ID

CNNVD-202509-4065

CVE-2025-11034

CNNVD Published: 2025-09-26

Description (Chinese)

Dibo Data Decision Making System是中国迪博（Dibo）公司的一个数据决策系统。 Dibo Data Decision Making System 2.7.0及之前版本存在路径遍历漏洞，该漏洞源于对文件/common/dep/common_dep.action.jsp中函数downloadImpTemplet的参数filePath的错误操作，可能导致路径遍历攻击。

Description (English)

Dibo Data Decision Make Systems is a data decision-making system of Dibo China. Dibo Data Decision Make System 2.7.0 and previous versions have path-to-path loopholes, which stem from the error of the file/comp/dep/common dep.action.jsp ’ s parameter file file file file filefilePath, which may cause a path-to-path attack.

Hazard Level

High

Vulnerability Type

路径遍历

Affected Vendor

迪博

Published

2025-09-26

Last Modified

2026-02-24

References

https://github.com/FightingLzn9/vul/blob/main/%E8%BF%AA%E5%8D%9A%E6%95%B0%E6%8D%AE%E5%86%B3%E7%AD%96%E7%B3%BB%E7%BB%9F.md https://vuldb.com/?ctiid.325981 https://vuldb.com/?id.325981 https://vuldb.com/?submit.658242 https://access.redhat.com/security/cve/cve-2025-11034

Share on: