Browse all 4 CVE security advisories affecting SeriaWei. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SeriaWei develops network monitoring and security analytics solutions primarily for enterprise environments. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. While no major public security incidents have been widely documented, the four CVEs associated with SeriaWei highlight recurring issues in authentication mechanisms and API security. Their security posture appears typical for mid-sized security vendors, with vulnerabilities primarily affecting default configurations and requiring authenticated access for exploitation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-11272 | SeriaWei ZKEACMS POST Request UrlRedirectionController.cs Delete improper authorization — ZKEACMSCWE-285 | 5.4 | Medium | 2025-10-04 |
| CVE-2025-10766 | SeriaWei ZKEACMS EventViewerController.cs Download path traversal — ZKEACMSCWE-22 | 4.3 | Medium | 2025-09-21 |
| CVE-2025-10765 | SeriaWei ZKEACMS SEOSuggestions ZKEACMS.SEOSuggestions.dll server-side request forgery — ZKEACMSCWE-918 | 4.7 | Medium | 2025-09-21 |
| CVE-2025-10764 | SeriaWei ZKEACMS Event Action System PendingTaskController.cs Edit server-side request forgery — ZKEACMSCWE-918 | 6.3 | Medium | 2025-09-21 |
This page lists every published CVE security advisory associated with SeriaWei. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.