An external control of file name or path vulnerability in SUNNET Corporate Training Management System before 10.11 allows remote attackers to execute arbitrary system commands via a malicious file by controlling the destination file path.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://zuso.ai/advisory/ |
Configurations
No configuration.
History
30 Aug 2025, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-08-30 04:15
Updated : 2025-09-02 15:55
NVD link : CVE-2025-54945
Mitre link : CVE-2025-54945
CVE.ORG link : CVE-2025-54945
JSON object : View
Products Affected
No product.
CWE
CWE-73
External Control of File Name or Path