Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2025-65897
Analyzed
More InfoOfficial Page
Source-cve@mitre.org
View Known Exploited Vulnerability (KEV) details
Published At-05 Dec, 2025 | 16:15
Updated At-12 Dec, 2025 | 12:52

zdh_web is a data collection, processing, monitoring, scheduling, and management platform. In zdh_web thru 5.6.17, insufficient validation of file upload paths in the application allows an authenticated user to write arbitrary files to the server file system, potentially overwriting existing files and leading to privilege escalation or remote code execution.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.8HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
zhaoyachao
zhaoyachao
>>zdh_web>>Versions up to 5.6.17(inclusive)
cpe:2.3:a:zhaoyachao:zdh_web:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-434Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-22
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-434
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/zhaoyachao/zdh_webcve@mitre.org
Product
https://github.com/zhaoyachao/zdh_web/commit/b2423378a8bf83f159f19ce4e14eac71c939793acve@mitre.org
Patch
https://github.com/zhaoyachao/zdh_web/issues/40cve@mitre.org
Vendor Advisory
Issue Tracking
https://github.com/zhaoyachao/zdh_web/pull/39cve@mitre.org
Patch
Hyperlink: https://github.com/zhaoyachao/zdh_web
Source: cve@mitre.org
Resource:
Product
Hyperlink: https://github.com/zhaoyachao/zdh_web/commit/b2423378a8bf83f159f19ce4e14eac71c939793a
Source: cve@mitre.org
Resource:
Patch
Hyperlink: https://github.com/zhaoyachao/zdh_web/issues/40
Source: cve@mitre.org
Resource:
Vendor Advisory
Issue Tracking
Hyperlink: https://github.com/zhaoyachao/zdh_web/pull/39
Source: cve@mitre.org
Resource:
Patch
Change History
0Changes found
Details not found