CVE-2025-4333

🗓️ 06 May 2025 08:00:05Reported by VulDBType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 50 Views

Critical vulnerability in feng_ha_ha/megagao ssm-erp allows unrestricted file upload remotely.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-4333	6 May 202514:21	–	circl
CNNVD	ssm-erp 安全漏洞	6 May 202500:00	–	cnnvd
Cvelist	CVE-2025-4333 feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java uploadFile unrestricted upload	6 May 202508:00	–	cvelist
EUVD	EUVD-2025-13546	3 Oct 202520:07	–	euvd
NVD	CVE-2025-4333	6 May 202508:15	–	nvd
Positive Technologies	PT-2025-19928 · Unknown · Production Ssm +1	6 May 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-4333	8 May 202510:11	–	redhatcve
Vulnrichment	CVE-2025-4333 feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java uploadFile unrestricted upload	6 May 202508:00	–	vulnrichment

Vulners

Node

feng_ha_ha ssm-erpMatch0.0.1

feng_ha_ha production_ssmMatch0.0.1

megagao ssm-erpMatch0.0.1

megagao production_ssmMatch0.0.1

[
  {
    "vendor": "feng_ha_ha",
    "product": "ssm-erp",
    "versions": [
      {
        "version": "0.0.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "feng_ha_ha",
    "product": "production_ssm",
    "versions": [
      {
        "version": "0.0.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "megagao",
    "product": "ssm-erp",
    "versions": [
      {
        "version": "0.0.1",
        "status": "affected"
      }
    ]
  },
  {
    "vendor": "megagao",
    "product": "production_ssm",
    "versions": [
      {
        "version": "0.0.1",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/Hao-Ni/CVE/issues/1
vuldb	www.vuldb.com/
vuldb	www.vuldb.com/

15 Apr 2026 00:35Current

7High risk

Vulners AI Score7

CVSS 45.3

CVSS 3.16.3

CVSS 26.5

CVSS 36.3

EPSS0.00173

SSVC