CVE 8.7 HIGH

Sunnet｜WMPro – Arbitrary File Read_CVE-2025-15225

December 29, 2025 invoker category_cve

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files.

AI Analysis

Arbitrary File Read vulnerability allowing unauthenticated remote attackers to read arbitrary system files via Relative Path Traversal

Basic Information

ID CVE-2025-15225

Source twcert

Published Dec 29, 2025 at 06:31

Affected Product

Vendor Sunnet

Product WMPro

Version 5.0

Affected Versions Sunnet WMPro 5.0

CWE Classification

CWE-23

AI Assessment

AI Score 8.7 / 10

AI Severity High

Vendor Sunnet

Product WMPro

Version 5.0

References

{
    "lastseen": "",
    "description": "WMPro developed by Sunnet has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to read arbitrary system files.",
    "published": "2025-12-29T06:31:49.460Z",
    "modified": "2025-12-29T06:31:49.460Z",
    "type": "cve",
    "title": "Sunnet\uff5cWMPro - Arbitrary File Read",
    "source": "twcert",
    "references": "https://www.twcert.org.tw/tw/cp-132-10602-c1c69-1.html\nhttps://www.twcert.org.tw/en/cp-139-10603-67149-2.html",
    "id": "CVE-2025-15225",
    "bulletinFamily": "",
    "cwe": [
        "CWE-23"
    ],
    "cvelist": null,
    "sourceData": "Sunnet WMPro 5.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "WMPro",
    "version": "5.0",
    "vendor": "Sunnet",
    "ai_description": "Arbitrary File Read vulnerability allowing unauthenticated remote attackers to read arbitrary system files via Relative Path Traversal",
    "ai_severity": "High",
    "ai_vendor": "Sunnet",
    "ai_product": "WMPro",
    "ai_version": "5.0",
    "ai_score": 8.7
}

💭 Join the Security Discussion ❌ Cancel Reply