CVE-2025-12915
BaseFortify
Publication date: 2025-11-08
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| 70mai | x200_firmware | to 2025-10-19 (inc) |
| 70mai | x200 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-73 | The product allows user input to control or influence paths or file names that are used in filesystem operations. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the 70mai X200 device up to version 20251019, specifically in the Init Script Handler component. It allows an attacker with local access to manipulate the system in a way that results in file inclusion, potentially enabling unauthorized access or execution of files. The attack is complex and difficult to exploit, but a public exploit is available.
How can this vulnerability impact me? :
If exploited, this vulnerability can lead to unauthorized file inclusion, which may compromise the confidentiality, integrity, and availability of the affected system. This could allow an attacker with local access to execute malicious code or access sensitive information, potentially disrupting normal operations or causing data breaches.