CVE-2025-11020

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MarkAny SafePC Enterprise versions 5.x.x and 7.0.0 through 7.0.1

Description An attacker can obtain server information using a Path Traversal flaw, potentially leading to SQL Injection. This also involves a possible Unrestricted Upload of File with Dangerous Type issue. The vulnerability affects SafePC Enterprise on Windows and Linux operating systems.

Recommendations Update MarkAny SafePC Enterprise to version 7.0.1 or later. Update MarkAny SafePC Enterprise to a version later than 5.x.x.

Fix

RCE

Path traversal

Unrestricted File Upload

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22CWE-434CWE-89

Related Identifiers

CVE-2025-11020

Affected Products

Markany Safepc Enterprise

CVE-2025-11020

Weakness Enumeration

Related Identifiers

Affected Products

References · 7