CVE-2025-66955 | Asseco SEE Live 2.0 SMS/Fax downloadAttachment/downloadAttachmentFromPath path file inclusion

A vulnerability was found in Asseco SEE Live 2.0. It has been declared as critical. This affects the function downloadAttachment/downloadAttachmentFromPath of the component SMS/Fax. Executing a manipulation of the argument path can lead to file inclusion.

This vulnerability is handled as CVE-2025-66955. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More