Security Advisory

CVE-2025-9795

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-01 21:02:06

Last updated 2025-09-02 15:08:37

Assigner VulDB

State PUBLISHED

Description

A vulnerability has been found in xujeff tianti 天梯 up to 2.3. The impacted element is the function ajaxUploadFile of the file src/main/java/com/jeff/tianti/controller/UploadController.java. The manipulation of the argument upfile leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

← Browse all CVEs View on cve.org ↗