PT-2025-49259 · Zdh Web · Zdh Web

Published

2025-12-05

Updated

2025-12-12

CVE-2025-65897

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions zdh web versions through 5.6.17

Description zdh web is a data collection, processing, monitoring, scheduling, and management platform. Insufficient validation of file upload paths allows an authenticated user to write arbitrary files to the server file system. This could lead to overwriting existing files, privilege escalation, or remote code execution.

Recommendations Update zdh web to a version later than 5.6.17.

Fix

LPE

RCE

Path traversal

Unrestricted File Upload

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22CWE-434

Related Identifiers

CVE-2025-65897

Affected Products

Zdh Web

PT-2025-49259 · Zdh Web · Zdh Web

CVE-2025-65897

Weakness Enumeration

Related Identifiers

Affected Products

References · 9