2 matches found
CVE-2025-10777 JSC R7 R7-Office Document Server downloadas path traversal
A flaw has been found in JSC R7 R7-Office Document Server up to 20250820. Impacted is an unknown function of the file /downloadas/. Executing manipulation of the argument cmd can lead to path traversal. The attack can be launched remotely. Upgrading to version 2025.3.1.923 is recommended to addre...
PT-2025-38676
Name of the Vulnerable Software and Affected Versions JSC R7 R7-Office Document Server versions up to 20250820 Description A flaw exists in JSC R7 R7-Office Document Server. The issue involves manipulation of the cmd argument within an unknown function of the /downloadas/ file, potentially leadin...