CVE 8.7 HIGH

Ragic｜Enterprise Cloud Database – Arbitrary File Read_CVE-2025-15015

December 21, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

Enterprise Cloud Database developed by Ragic has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

AI Analysis

Arbitrary File Read vulnerability allowing unauthenticated remote attackers to exploit Relative Path Traversal and download arbitrary system files

Basic Information

ID CVE-2025-15015

Source twcert

Published Dec 22, 2025 at 03:22

Affected Product

Vendor Ragic

Product Enterprise Cloud Database

Affected Versions Ragic Enterprise Cloud Database 0

CWE Classification

CWE-23

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Ragic

Product Enterprise Cloud Database

References

{
    "lastseen": "",
    "description": "Enterprise Cloud Database developed by Ragic has a Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.",
    "published": "2025-12-22T03:22:46.742Z",
    "modified": "2025-12-22T03:22:46.742Z",
    "type": "cve",
    "title": "Ragic\uff5cEnterprise Cloud Database - Arbitrary File Read",
    "source": "twcert",
    "references": "https://www.twcert.org.tw/tw/cp-132-10587-797c6-1.html\nhttps://www.twcert.org.tw/en/cp-139-10588-771e5-2.html",
    "id": "CVE-2025-15015",
    "bulletinFamily": "",
    "cwe": [
        "CWE-23"
    ],
    "cvelist": null,
    "sourceData": "Ragic Enterprise Cloud Database 0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Enterprise Cloud Database",
    "version": "0",
    "vendor": "Ragic",
    "ai_description": "Arbitrary File Read vulnerability allowing unauthenticated remote attackers to exploit Relative Path Traversal and download arbitrary system files",
    "ai_severity": "High",
    "ai_vendor": "Ragic",
    "ai_product": "Enterprise Cloud Database",
    "ai_version": "0",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply