Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to upload any file within the server, even a malicious file to obtain a Remote Code Execution (RCE).
References
Link | Resource |
---|---|
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcmans-gim | Third Party Advisory |
Configurations
History
13 May 2025, 19:17
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-06 11:15
Updated : 2025-05-13 19:17
NVD link : CVE-2025-40625
Mitre link : CVE-2025-40625
CVE.ORG link : CVE-2025-40625
JSON object : View
Products Affected
tcman
- gim
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type