Ragic｜Enterprise Cloud Database – Arbitrary File Upload_CVE-2025-11675

7.2 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

Basic Information

ID CVE-2025-11675

Source twcert

Published Oct 13, 2025 at 07:56

Affected Product

Vendor Ragic

Product Enterprise Cloud Database

Affected Versions Ragic Enterprise Cloud Database 0

CWE Classification

CWE-434

References

{
    "lastseen": "",
    "description": "Enterprise Cloud Database developed by Ragic has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.",
    "published": "2025-10-13T07:56:11.168Z",
    "modified": "2025-10-13T07:56:11.168Z",
    "type": "cve",
    "title": "Ragic\uff5cEnterprise Cloud Database - Arbitrary File Upload",
    "source": "twcert",
    "references": "https://www.twcert.org.tw/tw/cp-132-10423-a3861-1.html\nhttps://www.twcert.org.tw/en/cp-139-10424-4e42c-2.html",
    "id": "CVE-2025-11675",
    "bulletinFamily": "",
    "cwe": [
        "CWE-434"
    ],
    "cvelist": null,
    "sourceData": "Ragic Enterprise Cloud Database 0",
    "sourceHref": "",
    "cvss": {
        "score": 7.2,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Enterprise Cloud Database",
    "version": "0",
    "vendor": "Ragic",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}