Security Advisory

CVE-2025-51056

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-08-06 00:00:00
Last updated 2026-07-05 01:07:38
Assigner mitre
State PUBLISHED

Description

An unrestricted file upload vulnerability in Vedo Suite version 2024.17 allows remote authenticated attackers to write to arbitrary filesystem paths by exploiting the insecure uploadPreviews() custom function in /api_vedo/colorways_preview, ultimately resulting in remote code execution (RCE).