CVE-2025-8852

Source
https://cve.org/CVERecord?id=CVE-2025-8852
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8852.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-8852
Published
2025-08-11T14:02:05.671Z
Modified
2026-07-16T03:48:10.020700968Z
Severity
  • 2.1 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P CVSS Calculator
Summary
WuKongOpenSource WukongCRM API Response upload information exposure
Details

A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information exposure through error message. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Database specific
{
    "cna_assigner": "VulDB",
    "cwe_ids": [
        "CWE-200",
        "CWE-209"
    ],
    "unresolved_ranges": [
        {
            "source": "AFFECTED_FIELD",
            "extracted_events": [
                {
                    "introduced": "11.0"
                },
                {
                    "last_affected": "11.0"
                }
            ]
        }
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/8xxx/CVE-2025-8852.json"
}
References

Affected packages

Git / github.com/wukongopensource/wukongcrm-11.0-web-java

Affected ranges

Type
GIT
Repo
https://github.com/wukongopensource/wukongcrm-11.0-web-java
Events
Database specific
{
    "source": "CPE_STRING",
    "cpe": "cpe:2.3:a:5kcrm:wukong_crm:11.0:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "11.0"
        },
        {
            "last_affected": "11.0"
        }
    ]
}

Affected versions

11.*
11.0
v11.*
v11.0.2

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-8852.json"