{"uuid": "c44eb28f-c775-4824-8782-bc68a8ae82c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4377", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15670", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4377\n\ud83d\udd25 CVSS Score: 8.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:N/SA:N)\n\ud83d\udd39 Description: Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server.\n\nThis vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem.\u00a0\n\nLogview is accessible on Pro Cloud Server Configuration interface. \n\n\nThis issue affects Pro Cloud Server: earlier than 6.0.165.\n\ud83d\udccf Published: 2025-05-09T05:12:59.487Z\n\ud83d\udccf Modified: 2025-05-09T05:12:59.487Z\n\ud83d\udd17 References:\n1. https://sparxsystems.com/products/procloudserver/6.1/", "creation_timestamp": "2025-05-09T05:24:25.000000Z"}