Vulnerability Details CVE-2025-65897
zdh_web is a data collection, processing, monitoring, scheduling, and management platform. In zdh_web thru 5.6.17, insufficient validation of file upload paths in the application allows an authenticated user to write arbitrary files to the server file system, potentially overwriting existing files and leading to privilege escalation or remote code execution.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.0%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2025-65897
-
cpe:2.3:a:zhaoyachao:zdh_web:*