CVE-2025-10708 | Four-Faith Water Conservancy Informatization Platform 1.0 historyDownload.do;usrlogout.do fileName path traversal

A vulnerability classified as critical has been found in Four-Faith Water Conservancy Informatization Platform 1.0. Affected by this vulnerability is an unknown functionality of the file /history/historyDownload.do;usrlogout.do. The manipulation of the argument fileName leads to path traversal.

This vulnerability is referenced as CVE-2025-10708. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More