CVE-2025-9273

Name of the Vulnerable Software and Affected Versions CData API Server (affected versions not specified)

Description CData API Server installations are susceptible to information disclosure. Remote attackers who have authentication can exploit this issue. The flaw resides in the configuration of MySQL connections, where the product allows the MySQL server to request local files from the MySQL client. This can lead to the disclosure of sensitive information within the context of NETWORK SERVICE.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.