WuKongOpenSource WukongCRM API Response upload information exposure_CVE-2025-8852

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information exposure through error message. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8852

Source VulDB

Published Aug 11, 2025 at 14:02

Affected Product

Vendor WuKongOpenSource

Product WukongCRM

Version 11.0

Affected Versions WuKongOpenSource WukongCRM 11.0

CWE Classification

CWE-209 CWE-200

References

{
    "lastseen": "",
    "description": "A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information exposure through error message. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-08-11T14:02:05.671Z",
    "modified": "2025-08-11T14:02:05.671Z",
    "type": "cve",
    "title": "WuKongOpenSource WukongCRM API Response upload information exposure",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319383\nhttps://vuldb.com/?ctiid.319383\nhttps://vuldb.com/?submit.624693\nhttps://github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/issues/26\nhttps://github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/issues/26#issue-3272864284",
    "id": "CVE-2025-8852",
    "bulletinFamily": "",
    "cwe": [
        "CWE-209",
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "WuKongOpenSource WukongCRM 11.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "WukongCRM",
    "version": "11.0",
    "vendor": "WuKongOpenSource",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}