High severityNVD Advisory· Published Jul 16, 2025· Updated Apr 15, 2026
CVE-2025-34119
CVE-2025-34119
Description
A remote file disclosure vulnerability exists in EasyCafe Server 2.2.14, exploitable by unauthenticated remote attackers via TCP port 831. The server listens for a custom protocol where opcode 0x43 can be used to request arbitrary files by absolute path. If the file exists and is accessible, its content is returned without authentication. This flaw allows attackers to retrieve sensitive files such as system configuration, password files, or application data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =2.2.14
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.