Critical severity9.4NVD Advisory· Published May 8, 2024· Updated Jun 17, 2026
CVE-2024-25533
CVE-2024-25533
Description
Error messages in RuvarOA v6.01 and v12.01 were discovered to leak the physical path of the website (/WorkFlow/OfficeFileUpdate.aspx). This vulnerability can allow attackers to write files to the server or execute arbitrary commands via crafted SQL statements.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- RuvarOA/RuvarOAdescription
Patches
Vulnerability mechanics
References
1- gist.github.com/Mr-xn/bc8261a5c3e35a72768723acf1da358dnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.