Critical severityNVD Advisory· Published Sep 8, 2025· Updated Apr 15, 2026
CVE-2025-5993
CVE-2025-5993
Description
ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal. Unauthenticated remote attacker is able to exploit vulnerable parameter fileName and construct payloads that allow to download any file accessible by the the web server process.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: >=2023.2, <=2025.2
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.