3 matches found
CVE-2025-10777
CVE-2025-10777 affects the JSC R7 R7-Office Document Server (versions up to 20250820). A flaw in an unknown function of the file /downloadas/ allows remote exploitation by manipulating the cmd argument to trigger a path traversal. The vendor confirms this vulnerability and specifies a fix in rele...
CVE-2025-10777 JSC R7 R7-Office Document Server downloadas path traversal
A flaw has been found in JSC R7 R7-Office Document Server up to 20250820. Impacted is an unknown function of the file /downloadas/. Executing manipulation of the argument cmd can lead to path traversal. The attack can be launched remotely. Upgrading to version 2025.3.1.923 is recommended to addre...
The vulnerability of the R7-Office corporate server, related to the lack of measures taken to protect the website structure, allows attackers to carry out XSS attacks.
The vulnerability of the R7-Office corporate server is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...