CVE-2025-10544

Vulnerability Description

Unrestricted file upload vulnerability in DocAve 6.13.2, Perimeter 1.12.3, Compliance Guardian 4.7.1, and earlier versions, allowing administrator users to upload files without proper validation. An attacker could exploit this vulnerability by uploading malicious files that compromise the system. In addition, it is vulnerable to Path Traversal, which allows files to be written to arbitrary directories within the web root.

Related Weaknesses (CWE)

CWE-434

References

https://www.incibe.es/en/incibe-cert/notices/aviso/unrestricted-uploading-danger

FAQ

What is CVE-2025-10544?

CVE-2025-10544 is a documented vulnerability. Unrestricted file upload vulnerability in DocAve 6.13.2, Perimeter 1.12.3, Compliance Guardian 4.7.1, and earlier versions, allowing administrator users to upload files without proper validation. An a...

How severe is CVE-2025-10544?

CVSS scoring is not yet available for CVE-2025-10544. Check NVD for updates.

Is there a patch for CVE-2025-10544?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.