CNNVD-202510-2325 Information

CNNVD ID

CNNVD-202510-2325

Related CVE

CVE-2025-34518

• CNNVD Published: 2025-10-16

Description (Chinese)

Ilevia EVE X1 Server是意大利Ilevia公司的一款智能家居与楼宇自动化。 Ilevia EVE X1 Server 4.7.18.0.eden及之前版本存在安全漏洞，该漏洞源于get_file_content.php存在相对路径遍历，可能导致读取任意文件。

Description (English)

Ilevia EVE X1 Server is an intelligent home and building automation for Ilevia in Italy. There is a security loophole in Ilevia X1 Server 4.7.18.0.eden and earlier versions, which stems from the relative path of Get file content.php, which may lead to the reading of any document.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Ilevia

Published

2025-10-16

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/ilevia-eve-x1-server-relative-path-traversal https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5960.php https://www.ilevia.com/ https://access.redhat.com/security/cve/cve-2025-34518