1 results (0.001 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 1CVE-2025-2702 – Softwin WMX3 ImageAdd.ashx ImageAdd unrestricted upload
https://notcve.org/view.php?id=CVE-2025-2702
24 Mar 2025 — A vulnerability, which was classified as critical, has been found in Softwin WMX3 3.1. This issue affects the function ImageAdd of the file /ImageAdd.ashx. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. • https://github.com/Rain1er/report/blob/main/THNlcnBf/RCE_1.md • CWE-284: Improper Access Control CWE-434: Unrestricted Upload of File with Dangerous Type •