CVE-2025-8753

Summary

A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1.8.0. Affected by this issue is the function delete of the file /admin/storage/delete of the component File Handler. The manipulation of the argument key leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Affected Software

VendorProductVersion RangeStatus
linlinjavalitemall1.0affected
linlinjavalitemall1.1affected
linlinjavalitemall1.2affected
linlinjavalitemall1.3affected
linlinjavalitemall1.4affected
linlinjavalitemall1.5affected
linlinjavalitemall1.6affected
linlinjavalitemall1.7affected
linlinjavalitemall1.8.0affected

Weaknesses

  • CWE-22: Path Traversal

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: partial

Additional References

References