PT-2025-39630 · Unknown+2 · Compliance Guardian+2
Published
2025-09-26
·
Updated
2025-09-26
·
CVE-2025-10544
CVSS v4.0
8.6
High
| Vector | AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
DocAve versions prior to 6.13.2
Perimeter versions prior to 1.12.3
Compliance Guardian versions prior to 4.7.1
Description
The software contains an unrestricted file upload issue that affects administrator users. The issue allows the upload of files without proper validation, potentially leading to system compromise. Additionally, a path traversal issue allows writing files to arbitrary directories within the web root.
Recommendations
Update DocAve to version 6.13.2 or later.
Update Perimeter to version 1.12.3 or later.
Update Compliance Guardian to version 4.7.1 or later.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Compliance Guardian
Docave
Perimeter