Metrics
Affected Vendors & Products
No advisories yet.
Solution
The vulnerability has been fixed by the TESI team in version 4.4.2446.2.
Workaround
No workaround given by the vendor.
Thu, 23 Oct 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 23 Oct 2025 11:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories (e.g., ..\..\..), by exploiting the “direstudio” parameter in “/encuestas/integraweb[_v4]/integra/html/view/comprimir.php”. | |
Title | Path Traversal in Gandia Integra Total by TESI | |
Weaknesses | CWE-22 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: INCIBE
Published:
Updated: 2025-10-23T14:40:49.039Z
Reserved: 2025-04-16T09:09:34.458Z
Link: CVE-2025-41073

Updated: 2025-10-23T14:40:29.868Z

Status : Received
Published: 2025-10-23T11:15:31.653
Modified: 2025-10-23T11:15:31.653
Link: CVE-2025-41073

No data.

No data.