CVE-2025-8852
WuKongOpenSource WukongCRM API Response upload information exposure
We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
WuKongOpenSource WukongCRM API Response upload information exposure
A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information exposure through error message. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Dabei betrifft es einen unbekannter Codeteil der Datei /adminFile/upload der Komponente API Response Handler. Durch das Beeinflussen mit unbekannten Daten kann eine information exposure through error message-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung.
Information Exposure Through Error Message
| 2025-08-10: | Advisory disclosed |
| 2025-08-10: | VulDB entry created |
| 2025-08-10: | VulDB entry last update |
meraklbz (VulDB User)
vuldb.com/?id.319383 (VDB-319383 | WuKongOpenSource WukongCRM API Response upload information exposure)
vuldb.com/?ctiid.319383 (VDB-319383 | CTI Indicators (IOB, IOC, TTP, IOA))
vuldb.com/?submit.624693 (Submit #624693 | WuKongOpenSource WukongCRM v11.0 System Path Disclosure(CWE-209))
github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/issues/26
github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/issues/26
Support options
