CVE-2025-8516

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-8516
A security vulnerability has been detected in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. This issue affects the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file K3Cloud\BBCMallSite\WEB-INF\lib\Kingdee.K3.O2O.Base.WebApp.jar!\kingdee\k3\o2o\base\webapp\action\FileUploadAction.class of the component IIS-K3CloudMiniApp. The manipulation of the argument filePath leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. It is suggested to install a patch to address this issue. The vendor recommends as a short-term measure to "[t]emporarily disable external network access to the Kingdee Cloud Galaxy Retail System or set up an IP whitelist for access control." The long-term remediation will be: "Install the security patch provided by the Starry Sky system, with the specific solutions being: i) Adding authentication to the vulnerable CMKAppWebHandler.ashx interface; ii) Removing the file reading function."

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

References
Link Resource
https://vip.kingdee.com/link/s/ZgAmJ
https://vuldb.com/?ctiid.318642
https://vuldb.com/?id.318642
https://vuldb.com/?submit.573678
https://vuldb.com/?submit.601912
https://wx.mail.qq.com/s?k=hk3Fixc6Z1cKMI9rge
Configurations

No configuration.

History

03 Nov 2025, 07:15

Type Values Removed Values Added
Summary (en) A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. It has been classified as problematic. Affected is the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file K3Cloud\BBCMallSite\WEB-INF\lib\Kingdee.K3.O2O.Base.WebApp.jar!\kingdee\k3\o2o\base\webapp\action\FileUploadAction.class of the component IIS-K3CloudMiniApp. The manipulation of the argument filePath leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor recommends as a short-term measure to "[t]emporarily disable external network access to the Kingdee Cloud Galaxy Retail System or set up an IP whitelist for access control." The long-term remediation will be: "Install the security patch provided by the Starry Sky system, with the specific solutions being: i) Adding authentication to the vulnerable CMKAppWebHandler.ashx interface; ii) Removing the file reading function." (en) A security vulnerability has been detected in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. This issue affects the function BaseServiceFactory.getFileUploadService.deleteFileAction of the file K3Cloud\BBCMallSite\WEB-INF\lib\Kingdee.K3.O2O.Base.WebApp.jar!\kingdee\k3\o2o\base\webapp\action\FileUploadAction.class of the component IIS-K3CloudMiniApp. The manipulation of the argument filePath leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed publicly and may be used. It is suggested to install a patch to address this issue. The vendor recommends as a short-term measure to "[t]emporarily disable external network access to the Kingdee Cloud Galaxy Retail System or set up an IP whitelist for access control." The long-term remediation will be: "Install the security patch provided by the Starry Sky system, with the specific solutions being: i) Adding authentication to the vulnerable CMKAppWebHandler.ashx interface; ii) Removing the file reading function."
References
  • () https://vip.kingdee.com/link/s/ZgAmJ -
  • () https://vuldb.com/?submit.601912 -

05 Aug 2025, 14:34

Type Values Removed Values Added
Summary
  • (es) Se encontró una vulnerabilidad en Kingdee Cloud-Starry-Sky Enterprise Edition hasta la versión 8.2. Se ha clasificado como problemática. La función BaseServiceFactory.getFileUploadService.deleteFileAction del archivo K3Cloud\BBCMallSite\WEB-INF\lib\Kingdee.K3.O2O.Base.WebApp.jar!\kingdee\k3\o2o\base\webapp\action\FileUploadAction.class del componente IIS-K3CloudMiniApp se ve afectada. La manipulación del argumento filePath provoca path traversal. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado. El proveedor recomienda, como medida a corto plazo, "deshabilitar temporalmente el acceso de red externa al sistema Kingdee Cloud Galaxy Retail o configurar una lista blanca de IP para el control de acceso". La solución a largo plazo será: "Instalar el parche de seguridad proporcionado por el sistema Starry Sky, con soluciones específicas: i) Agregar autenticación a la interfaz vulnerable CMKAppWebHandler.ashx; ii) Eliminar la función de lectura de archivos".

04 Aug 2025, 16:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-08-04 16:15

Updated : 2025-11-03 07:15

NVD link : CVE-2025-8516

Mitre link : CVE-2025-8516

CVE.ORG link : CVE-2025-8516

JSON object : View

Products Affected

No product.

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')