VYPR
High severity8.8NVD Advisory· Published Mar 20, 2026· Updated Apr 14, 2026

CVE-2025-67260

CVE-2025-67260

Description

The Terrapack software, from ASTER TEC / ASTER S.p.A., with the indicated components and versions has a file upload vulnerability that may allow attackers to execute arbitrary code. Vulnerable components include Terrapack TkWebCoreNG:: 1.0.20200914, Terrapack TKServerCGI 2.5.4.150, and Terrapack TpkWebGIS Client 1.0.0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

6
  • cpe:2.3:a:aster-te:terrapack_tkservercgi:2.5.4.150:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:aster-te:terrapack_tkservercgi:2.5.4.150:*:*:*:*:*:*:*
    • (no CPE)range: = 2.5.4.150
  • cpe:2.3:a:aster-te:terrapack_tkwebcoreng:1.0.20200914:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:aster-te:terrapack_tkwebcoreng:1.0.20200914:*:*:*:*:*:*:*
    • (no CPE)range: = 1.0.20200914
  • cpe:2.3:a:aster-te:terrapack_tpkwebgis:1.0.0:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:aster-te:terrapack_tpkwebgis:1.0.0:*:*:*:*:*:*:*
    • (no CPE)range: = 1.0.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.