CVE 6.5 MEDIUM

CVE-2025-51052

August 6, 2025 invoker category_cve
6.5 / 10
MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Description

A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to read arbitrary filesystem files by exploiting an unsanitized 'file_get_contents()' function call in '/api_vedo/template'.

AI Analysis

A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to read arbitrary files by exploiting an unsanitized function call. This could lead to unauthorized access of sensitive data.

Visit Original Source

Basic Information

ID CVE-2025-51052
Published Aug 6, 2025 at 21:15

CWE Classification

CWE-23

AI Assessment

AI Severity Medium
Vendor Vedo Suite Vendor
Product Vedo Suite
Version 2024.17

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.