High severity7.3NVD Advisory· Published Feb 23, 2026· Updated Apr 29, 2026
CVE-2026-3025
CVE-2026-3025
Description
A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by this vulnerability is an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.asmx. Executing a manipulation of the argument File can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Affected products
2cpe:2.3:a:shuoren:smart_heating_integrated_management_platform:1.0.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:shuoren:smart_heating_integrated_management_platform:1.0.0:*:*:*:*:*:*:*
- (no CPE)range: = 1.0.0
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.