CVE-2025-65897 — HIGH (8.8)

Q: How severe is CVE-2025-65897?

CVE-2025-65897 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-65897?

Check the references section above for vendor advisories and patch information. Affected products include: Zhaoyachao Zdh Web.

Vulnerability Description

zdh_web is a data collection, processing, monitoring, scheduling, and management platform. In zdh_web thru 5.6.17, insufficient validation of file upload paths in the application allows an authenticated user to write arbitrary files to the server file system, potentially overwriting existing files and leading to privilege escalation or remote code execution.

CVSS Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Affected Products

Vendor	Product	Versions
Zhaoyachao	Zdh Web	<= 5.6.17

Related Weaknesses (CWE)

CWE-22 CWE-434

References

https://github.com/zhaoyachao/zdh_webProduct
https://github.com/zhaoyachao/zdh_web/commit/b2423378a8bf83f159f19ce4e14eac71c93Patch
https://github.com/zhaoyachao/zdh_web/issues/40Issue TrackingVendor Advisory
https://github.com/zhaoyachao/zdh_web/pull/39Patch

FAQ

What is CVE-2025-65897?

CVE-2025-65897 is a vulnerability with a CVSS score of 8.8 (HIGH). zdh_web is a data collection, processing, monitoring, scheduling, and management platform. In zdh_web thru 5.6.17, insufficient validation of file upload paths in the application allows an authenticat...

How severe is CVE-2025-65897?

CVE-2025-65897 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-65897?

Check the references section above for vendor advisories and patch information. Affected products include: Zhaoyachao Zdh Web.