Metrics
Affected Vendors & Products
No advisories yet.
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Fri, 17 Oct 2025 21:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 17 Oct 2025 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected by this issue is the function Download of the file /DeviceFileReport.do?Action=Download. Performing manipulation of the argument FilePath results in path traversal. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | |
Title | Shenzhen Ruiming Technology Streamax Crocus DeviceFileReport.do download path traversal | |
Weaknesses | CWE-22 | |
References |
| |
Metrics |
cvssV2_0
|

Status: PUBLISHED
Assigner: VulDB
Published:
Updated: 2025-10-17T20:57:27.491Z
Reserved: 2025-10-17T13:02:05.390Z
Link: CVE-2025-11914

Updated: 2025-10-17T20:57:22.644Z

Status : Received
Published: 2025-10-17T21:15:35.887
Modified: 2025-10-17T21:15:35.887
Link: CVE-2025-11914

No data.

No data.