CVE-2025-8841

Name of the Vulnerable Software and Affected Versions: zlt2000 microservices-platform versions through 6.0.0

Description: A vulnerability exists in the Upload function located in zlt-business/file-center/src/main/java/com/central/file/controller/FileController.java. This manipulation allows for unrestricted file uploads and can be exploited remotely. The exploit has been publicly disclosed and may be in use.

Recommendations: Versions prior to 6.0.0 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.