Critical severityNVD Advisory· Published Jun 24, 2025· Updated Apr 29, 2026

CVE-2025-34040

Description

An arbitrary file upload vulnerability exists in the Zhiyuan OA platform via the wpsAssistServlet interface. The realFileType and fileId parameters are improperly validated during multipart file uploads, allowing unauthenticated attackers to upload crafted JSP files outside of intended directories using path traversal. Successful exploitation enables remote code execution as the uploaded file can be accessed and executed through the web server. Exploitation evidence was observed by the Shadowserver Foundation on 2025-02-01 UTC.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

service.seeyon.com/patchtools/tp.htmlnvd
vulncheck.com/advisories/zhiyuan-oa-system-path-traversal-file-uploadnvd
www.cnblogs.com/pursue-security/p/17677130.htmlnvd
www.cnvd.org.cn/flaw/show/CNVD-2021-01627nvd
www.exploit-db.com/exploits/52490nvd

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.012
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000