CVE-2025-4377

Vulnerability Description

Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. Logview is accessible on Pro Cloud Server Configuration interface. This issue affects Pro Cloud Server: earlier than 6.0.165.

Related Weaknesses (CWE)

CWE-20 CWE-22

References

https://sparxsystems.com/products/procloudserver/6.1/

FAQ

What is CVE-2025-4377?

CVE-2025-4377 is a documented vulnerability. Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it allows reading arbitrary files on the fi...

How severe is CVE-2025-4377?

CVSS scoring is not yet available for CVE-2025-4377. Check NVD for updates.

Is there a patch for CVE-2025-4377?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.