Unrated severityNVD Advisory· Published Sep 16, 2025· Updated Mar 23, 2026
Ilevia EVE X1 Server 4.7.18.0.eden Unauthenticated File Disclosure
CVE-2025-34185
Description
Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains a pre-authentication file disclosure vulnerability via the 'db_log' POST parameter. Remote attackers can retrieve arbitrary files from the server, exposing sensitive system information and credentials.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<= 4.7.18.0.eden+ 1 more
- (no CPE)range: <= 4.7.18.0.eden
- (no CPE)range: *
Patches
Vulnerability mechanics
References
4- packetstorm.news/files/id/207716/mitreexploit
- www.zeroscience.mk/en/vulnerabilities/ZSL-2025-5955.phpmitretechnical-descriptionexploit
- www.vulncheck.com/advisories/ilevia-eve-x1-server-unauth-file-disclosuremitrethird-party-advisory
- www.ilevia.commitreproduct
News mentions
0No linked articles in our index yet.