VYPR
Unrated severityNVD Advisory· Published Dec 5, 2025· Updated Dec 5, 2025

CVE-2025-65897

CVE-2025-65897

Description

zdh_web is a data collection, processing, monitoring, scheduling, and management platform. In zdh_web thru 5.6.17, insufficient validation of file upload paths in the application allows an authenticated user to write arbitrary files to the server file system, potentially overwriting existing files and leading to privilege escalation or remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zdh Developer/Zdh Webinferred2 versions
    <=5.6.17+ 1 more
    • (no CPE)range: <=5.6.17
    • (no CPE)range: <=5.6.17

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.