Four Faith · Four-Faith Water Conservancy Informatization Platform · CVE-2025-11018
**Name of the Vulnerable Software and Affected Versions**
Four-Faith Water Conservancy Informatization Platform version 1.0
**Description**
A path traversal flaw exists in Four-Faith Water Conservancy Informatization Platform version 1.0. The issue affects an unknown function within the file `/sysRole/index.do/../../generalReport/download.do;usrlogout.do.do`. Manipulation of the `fileName` argument can enable path traversal, allowing for remote exploitation. The exploit has been published.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.