HIGH🇬🇧 English

CVE-2025-27222

CVSS 8.6v3.1pub. 2025-10-27upd. 2025-11-03

TRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/getCobrandingData endpoint to retrieve files. However, the application doesn't properly sanitize the input to this endpoint, ultimately allowing path traversal sequences to be included. This can be used to read any local server file that is accessible by the TRUfusion user and can also be used to leak cleartext passwords of TRUfusion Enterprise itself.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
  • Rocketsoftware Trufusion Enterprise

    APP
    Rocketsoftware
    ≤ 7.10.4.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
Path Traversal
CWE
Referencje

Powiązane podatności

CVE-2025-59793CRITICAL9.4PL ✓ten sam produkt

Path traversal umożliwiający RCE w Rocket TRUfusion Enterprise

CVE-2025-27224CRITICAL9.8PL ✓ten sam produkt

Path Traversal w Rocket TRUfusion Enterprise – zapis dowolnych plików i RCE

CVE-2025-32355HIGH7.9ten sam produkt

Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse proxy to handle incoming connections. However, the...

CVE-2025-27223HIGH7.5ten sam produkt

TRUfusion Enterprise through 7.10.4.0 exposes the encrypted COOKIEID as an authentication mechanism for some e...

CVE-2025-27225HIGH7.5ten sam produkt

TRUfusion Enterprise through 7.10.4.0 exposes the /trufusionPortal/jsp/internal_admin_contact_login.jsp endpoi...