CVE-2025-14697
Directory Traversal in Sixun Shanghui Business Management System
Publication date: 2025-12-15
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| shenzhen_sixun_software | sixun_shanghui_group_business_management_system | 4.10.24.3 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-552 | The product makes files or directories accessible to unauthorized actors, even though they should not be. |
| CWE-425 | The web application does not adequately enforce appropriate authorization on all restricted URLs, scripts, or files. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-14697 is an unauthorized file download vulnerability in Shenzhen Sixun Software's Sixun Shanghui Group Business Management System version 4.10.24.3. It affects the /ExportFiles/ interface, allowing attackers to download files without proper authentication or permission. Attackers can craft HTTP requests by appending filenames to the URL to access sensitive business documents remotely. This flaw exposes files or directories to unauthorized users, compromising confidentiality. Exploitation is possible remotely but considered difficult, and a proof-of-concept exploit is publicly available. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can lead to unauthorized disclosure of sensitive files or business documents stored in the affected system. Attackers exploiting this flaw can access confidential information without authentication, potentially leading to data breaches, loss of business confidentiality, and exposure of proprietary or personal data. Although exploitation is difficult, the availability of a public proof-of-concept increases the risk. There are no known mitigations or patches, so affected users may need to consider replacing the product to avoid impact. [1, 2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting unauthorized HTTP GET requests to the /ExportFiles/ interface with crafted filenames following the pattern [Document Number]_[Date]_[6-digit number].xls. For example, you can use curl commands to test access to such URLs without authentication, e.g., curl -I http://<target-ip>:<port>/ExportFiles/DO000122110201176_2025-12-03_155604.xls. Monitoring network traffic for such requests or unexpected file downloads from the /ExportFiles/ path can also help detect exploitation attempts. [3]
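As an added defender-side example (not part of the advisory and not vendor code), the check below scans web-server access-log lines for requests to the /ExportFiles/ path and flags successful downloads that carried no authenticated user, using the filename shape quoted above. The combined log format, the sample lines and the severity labels are assumptions.

```python
import re
from urllib.parse import unquote

# Apache/nginx "combined" access-log line: client, ident, authuser, time, request, status, bytes.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) (?P<size>\S+)'
)
# Export filename shape quoted on the page: [Document Number]_[Date]_[6-digit number].xls
EXPORT_NAME_RE = re.compile(r'^[A-Za-z0-9]+_\d{4}-\d{2}-\d{2}_\d{6}\.xls$', re.IGNORECASE)

def classify(line):
    """Return a finding dict for one log line, or None if it is not an /ExportFiles/ request."""
    m = LOG_RE.match(line)
    if not m:
        return None
    # Decode percent-encoding and drop the query string before inspecting the path.
    path = unquote(m['target'].split('?', 1)[0])
    if not path.lower().startswith('/exportfiles/'):
        return None
    name = path.rsplit('/', 1)[-1]
    served = m['status'] == '200' and m['size'] not in ('-', '0')
    finding = {
        'ip': m['ip'], 'method': m['method'], 'path': path, 'status': m['status'],
        'matches_export_pattern': bool(EXPORT_NAME_RE.match(name)),
        # The combined format only records HTTP-level auth; '-' means no authenticated user was seen.
        'unauthenticated': m['user'] == '-',
        'served': served,
    }
    if served and finding['unauthenticated']:
        finding['severity'] = 'high'      # file content left the server with no user attached
    elif served:
        finding['severity'] = 'info'      # download by an authenticated user; review, not alarm
    else:
        finding['severity'] = 'probe'     # HEAD request, 404, or zero-byte response
    return finding

def scan(lines):
    return [f for f in (classify(l) for l in lines) if f]

# Constructed sample lines (not real traffic); the filename echoes the page's example.
SAMPLE_LOG = """\
203.0.113.7 - - [03/Dec/2025:15:56:04 +0800] "HEAD /ExportFiles/DO000122110201176_2025-12-03_155604.xls HTTP/1.1" 200 0
203.0.113.7 - - [03/Dec/2025:15:56:09 +0800] "GET /ExportFiles/DO000122110201176_2025-12-03_155604.xls HTTP/1.1" 200 48128
203.0.113.7 - - [03/Dec/2025:15:57:01 +0800] "GET /ExportFiles/%44O000122110201177_2025-12-03_155700.xls?x=1 HTTP/1.1" 404 162
198.51.100.4 - admin [03/Dec/2025:16:01:44 +0800] "GET /ExportFiles/DO000122110201180_2025-12-03_160144.xls HTTP/1.1" 200 51200
198.51.100.4 - - [03/Dec/2025:16:02:10 +0800] "GET /index.html HTTP/1.1" 200 1024
""".splitlines()

if __name__ == '__main__':
    for f in scan(SAMPLE_LOG):
        print(f['severity'], f['ip'], f['method'], f['status'], f['path'])
```

A burst of 'probe' findings from one client followed by a 'high' one is the sequence the curl check above would produce, so alert on the transition rather than on single lines.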
What immediate steps should I take to mitigate this vulnerability?
No known patches or mitigations exist for this vulnerability, and the vendor has not responded to the disclosure. Immediate steps include restricting access to the /ExportFiles/ interface via network controls such as firewall rules or web application firewalls to limit exposure. Consider replacing the affected product or disabling the vulnerable functionality if possible. Monitoring for exploitation attempts and applying strict access controls are recommended as temporary measures. [2]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
This vulnerability allows unauthorized remote access to potentially sensitive files without authentication, which could lead to exposure of confidential or personal data. Such unauthorized data exposure may result in non-compliance with data protection regulations like GDPR or HIPAA, which require safeguarding sensitive information against unauthorized access. However, specific impacts on compliance are not detailed in the provided resources. [1, 2, 3]