CVE-2025-34040 Information

Jun 26, 2025 cve

Description

An arbitrary file upload vulnerability exists in the Zhiyuan OA platform 5.0 5.1 - 5.6sp1 6.0 - 6.1sp2 7.0 7.0sp1 - 7.1 7.1sp1 and 8.0 - 8.0sp2 via the wpsAssistServlet interface. The realFileType and fileId parameters are improperly validated during multipart file uploads allowing unauthenticated attackers to upload crafted JSP files outside of intended directories using path traversal. Successful exploitation enables remote code execution as the uploaded file can be accessed and executed through the web server.

Reference

https://service.seeyon.com/patchtools/tp.html#/patchList?type=%E5%AE%89%E5%85%A8%E8%A1%A5%E4%B8%81&id=1 https://vulncheck.com/advisories/zhiyuan-oa-system-path-traversal-file-upload https://www.cnblogs.com/pursue-security/p/17677130.html https://www.cnvd.org.cn/flaw/show/CNVD-2021-01627

CNNVD-202506-3028 (Published: 2025-06-24)

Share on:

CVE-2025-34040 Information

Description

Reference

Related CNNVD