| TVN ID | TVN-202507008 |
|---|---|
| CVE ID | CVE-2025-7917 |
| CVSS | 7.2 (High) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| Affected Products | WinMatrix Web version 1.2.39.5 and earlier |
| Description | WinMatrix3 Web package developed by Simopro Technology has an Arbitrary File Upload vulnerability, allowing remote attackers with administrator privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server. |
| Solution | Update AP to version 3.8.52.5 (Web 1.2.39.5) and install the hotfix, or update AP to version 3.9.1 (Web 1.3.1) or later |
| Credit | Linwz(DEVCORE) |
| Public Date | 2025-07-21 |
:::