CVE-2025-57795 | THREATINT

Description

Explorance Blue versions prior to 8.14.13 contain an authenticated remote file download vulnerability in a web service component. In default configurations, this flaw can be leveraged to achieve remote code execution.

PUBLISHED Reserved 2025-08-19 | Published 2026-01-28 | Updated 2026-01-28 | Assigner Mandiant

Problem types

CWE-434 Unrestricted Upload of File with Dangerous Type

Product status

Default status

unaffected

Any version before 8.14.13

affected

Credits

Abdulrahman Nour, Mandiant finder

Abdulrahman Nour, Mandiant reporter

References

www.explorance.com/products/blue product

online-help.explorance.com/...rity-advisories-(january-2026) vendor-advisory

online-help.explorance.com/...urity-advisory:-cve-2025-57795 vendor-advisory

github.com/...Disclosures/blob/master/2026/MNDT-2026-0004.md third-party-advisory

cve.org (CVE-2025-57795)

nvd.nist.gov (CVE-2025-57795)

Download JSON