Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2025-51661

EPSS 0.08% · P23
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-51661

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A path Traversal vulnerability found in FileCodeBox v2.2 and earlier allows arbitrary file writes when application is configured to use local filesystem storage. SystemFileStorage.save_file method in core/storage.py uses filenames from user input without validation to construct save_path and save files. This allows remote attackers to perform arbitrary file writes outside the intended directory by sending crafted POST requests with malicious traversal sequences to /share/file/ upload endpoint, which does not require any authorization.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
FileCodeBox 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
FileCodeBox是vastsa个人开发者的一个文件快递柜。可以匿名口令分享文件。 FileCodeBox 2.2及之前版本存在安全漏洞,该漏洞源于路径遍历,可能导致任意文件写入。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2025-51661

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2025-51661

登录查看更多情报信息。

Same Patch Batch · n/a · 2025-11-19 · 26 CVEs total

CVE-2025-133973.3 LOWmrubyc alloc.c mrbc_raw_realloc null pointer dereference
CVE-2025-63932D-Link Router 安全漏洞
CVE-2025-51662FileCodeBox 安全漏洞
CVE-2025-51663FileCodeBox 安全漏洞
CVE-2025-63214Bridgetech VBC Server & Element Manager 安全漏洞
CVE-2025-63719CampCodes Online Hospital Management System 安全漏洞
CVE-2025-63219Itel ISO FM SFN Adapter 安全漏洞
CVE-2025-63224Itel DAB Encoder 安全漏洞
CVE-2025-63208Bridgetech VB288 Objective QoE Content Extractor 安全漏洞
CVE-2025-63205Bridgetech probes 安全漏洞
CVE-2025-63206Dasan Switch DS2924 安全漏洞
CVE-2025-63207R.V.R Elettronica TEX 安全漏洞
CVE-2025-63211Bridgetech VBC Server & Element Manager 安全漏洞
CVE-2025-63371OneCommander 安全漏洞
CVE-2025-63218Axel WOLF1MS和Axel WOLF2MS 安全漏洞
CVE-2025-63210Newtec Celox UHD CELOXA504和Newtec Celox UHD CELOXA820 安全漏洞
CVE-2025-63243Pixeon WebLaudos 安全漏洞
CVE-2025-63879PHP-ECOMMERCE-PROJECT 安全漏洞
CVE-2025-63213QVidium Opera11 安全漏洞
CVE-2025-63221Axel PUMA 安全漏洞

Showing top 20 of 26 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2025-51661

No comments yet

Leave a comment