Unrated severityNVD Advisory· Published Oct 23, 2025· Updated Oct 23, 2025
Path Traversal in Gandia Integra Total by TESI
CVE-2025-41073
Description
Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories (e.g., ..\..\..), by exploiting the “direstudio” parameter in “/encuestas/integraweb[_v4]/integra/html/view/comprimir.php”.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2=4.4.2236.1+ 1 more
- (no CPE)range: =4.4.2236.1
- (no CPE)range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.