CNNVD-202510-2326 Information

CNNVD ID

CNNVD-202510-2326

Related CVE

CVE-2025-34517

• CNNVD Published: 2025-10-16

Description (Chinese)

Ilevia EVE X1 Server是意大利Ilevia公司的一款智能家居与楼宇自动化。 Ilevia EVE X1 Server 4.7.18.0.eden及之前版本存在安全漏洞，该漏洞源于get_file_content.php存在绝对路径遍历，可能导致读取任意文件。

Description (English)

Ilevia EVE X1 Server is an intelligent home and building automation for Ilevia in Italy. There is a security loophole in Ilevia X1 Server 4.7.18.eden and previous versions, which stems from the existence of absolute routings in Get file content.php, which may lead to the reading of any document.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Ilevia

Published

2025-10-16

Last Modified

2026-02-24

References

https://www.vulncheck.com/advisories/ilevia-eve-x1-server-absolute-path-traversal https://www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5960.php https://www.ilevia.com/ https://access.redhat.com/security/cve/cve-2025-34517