PT-2025-51185 · Shenzhen Sixun · Sixun Shanghui Group Business Management System
Yaozhangyiqiyin
·
Published
2025-12-15
·
Updated
2025-12-15
·
CVE-2025-14697
CVSS v3.1
3.7
Low
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Shenzhen Sixun Software Sixun Shanghui Group Business Management System version 4.10.24.3
Description
A security flaw exists in Shenzhen Sixun Software Sixun Shanghui Group Business Management System. The issue affects some unknown functionality associated with the file
/ExportFiles/, potentially leading to unauthorized access to files or directories. This access can be gained remotely. Exploitation is described as having high complexity and being difficult, but an exploit has been publicly released. The vendor was notified but did not respond.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Files Accessible to External Parties
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Sixun Shanghui Group Business Management System