VYPR

ASDK API

by Aranda Software

CVEs (1)

  • CVE-2025-70995HigMar 5, 2026
    risk 0.57cvss 8.8epss 0.01

    An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to…