CNNVD-202512-5493 Information

CNNVD ID

CNNVD-202512-5493

Related CVE

CVE-2025-67707

• CNNVD Published: 2025-12-31

Description (Chinese)

Esri ArcGIS Server是Esri公司的一个面向Web的可用于提供地理位置服务的企业级软件平台。 Esri ArcGIS Server 11.5及之前版本存在代码问题漏洞，该漏洞源于未正确验证上传的文件，可能导致上传任意文件。

Description (English)

Esri ArcGIS Server is a Web-based enterprise-level software platform for Esri that can be used to provide geographical services. Esri ArcGIS Server 11.5 and earlier versions had a code gap, which stemmed from the incorrect validation of the uploading document, which could lead to the uploading of an arbitrary document.

Hazard Level

High

Vulnerability Type

代码问题

Affected Vendor

Etherpad

Published

2025-12-31

Last Modified

2026-02-24

References

https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/arcgis-server-security-2025-update-2-patch

Patch

https://support.esri.com/en-us/patches-updates/2025/arcgis-server-security-2025-update-2-patch