CVE-2025-8516
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
Summary
A security vulnerability has been detected in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. This issue affects the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file K3Cloud\BBCMallSite\WEB-INF\lib\Kingdee.K3.O2O.Base.WebApp.jar!\kingdee\k3\o2o\base\webapp\action\FileUploadAction.class of the component IIS-K3CloudMiniApp. The manipulation of the argument filePath leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. It is suggested to install a patch to address this issue. The vendor recommends as a short-term measure to "[t]emporarily disable external network access to the Kingdee Cloud Galaxy Retail System or set up an IP whitelist for access control." The long-term remediation will be: "Install the security patch provided by the Starry Sky system, with the specific solutions being: i) Adding authentication to the vulnerable CMKAppWebHandler.ashx interface; ii) Removing the file reading function."
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Kingdee | Cloud-Starry-Sky Enterprise Edition | 8.0 | affected |
| Kingdee | Cloud-Starry-Sky Enterprise Edition | 8.1 | affected |
| Kingdee | Cloud-Starry-Sky Enterprise Edition | 8.2 | affected |
Weaknesses
- CWE-22: Path Traversal
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
References
- https://vuldb.com/?id.318642
- https://vuldb.com/?ctiid.318642
- https://vuldb.com/?submit.573678
- https://vuldb.com/?submit.601912
- https://wx.mail.qq.com/s?k=hk3Fixc6Z1cKMI9rge
- https://vip.kingdee.com/link/s/ZgAmJ
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.