VulnerAlert



TECHNOLOGY
05-06-2025 23:33

CVE-2025-5679 Vulnerabilidad documentada

5.3 MEDIUM
Tags
#exploit
#critical
#tools
#java
#form
#technology
#vulnerability
#affected
#remote
#critic
#attack
#affect
Descripción
A vulnerability classified as critical has been found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 2.5.0. Affected is the function parseStrByFreeMarker of file /src/main/java/com/dstz/sys/rest/controller/SysToolsController.java. The manipulation argument str leads deserialization. It possible launch attack remotely. exploit disclosed public and may be used.
https://gitee.com/agile-bpm/agile-bpm-basic/issues/ICAQWG
https://vuldb.com/?ctiid.311166
https://vuldb.com/?id.311166
https://vuldb.com/?submit.585127
Referencia
Link externo
Ver detalles

Fuente
https://nvd.nist.gov/vuln/detail/CVE-2025-5679
Resultados similares
Coincidentes en almenos en 50% de los tags
05-06-2025 CVE-2025-5680
A vulnerability classified as critical was found in Shenzhen Dashi Tongzhou Information Technol...
Ver información
03-06-2025 CVE-2023-51059
An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote ...
Ver información
Icons made by Freepik from www.flaticon.com
Este Proyecto fue cofinanciado por el Consejo Nacional de Ciencia y Tecnología (CONACYT) a través del PROINNOVA 2021/2023
Proyecto realizado por