{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-8775", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-08-08T20:26:31.112Z", "datePublished": "2025-08-09T21:02:07.185Z", "dateUpdated": "2025-08-12T16:04:12.027Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-09T21:02:07.185Z"}, "title": "Qiyuesuo Eelectronic Signature Platform Scheduled Task upload execute unrestricted upload", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-434", "lang": "en", "description": "Unrestricted Upload"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "Improper Access Controls"}]}], "affected": [{"vendor": "Qiyuesuo", "product": "Eelectronic Signature Platform", "versions": [{"version": "4.0", "status": "affected"}, {"version": "4.1", "status": "affected"}, {"version": "4.2", "status": "affected"}, {"version": "4.3", "status": "affected"}, {"version": "4.4", "status": "affected"}, {"version": "4.5", "status": "affected"}, {"version": "4.6", "status": "affected"}, {"version": "4.7", "status": "affected"}, {"version": "4.8", "status": "affected"}, {"version": "4.9", "status": "affected"}, {"version": "4.10", "status": "affected"}, {"version": "4.11", "status": "affected"}, {"version": "4.12", "status": "affected"}, {"version": "4.13", "status": "affected"}, {"version": "4.14", "status": "affected"}, {"version": "4.15", "status": "affected"}, {"version": "4.16", "status": "affected"}, {"version": "4.17", "status": "affected"}, {"version": "4.18", "status": "affected"}, {"version": "4.19", "status": "affected"}, {"version": "4.20", "status": "affected"}, {"version": "4.21", "status": "affected"}, {"version": "4.22", "status": "affected"}, {"version": "4.23", "status": "affected"}, {"version": "4.24", "status": "affected"}, {"version": "4.25", "status": "affected"}, {"version": "4.26", "status": "affected"}, {"version": "4.27", "status": "affected"}, {"version": "4.28", "status": "affected"}, {"version": "4.29", "status": "affected"}, {"version": "4.30", "status": "affected"}, {"version": "4.31", "status": "affected"}, {"version": "4.32", "status": "affected"}, {"version": "4.33", "status": "affected"}, {"version": "4.34", "status": "affected"}], "modules": ["Scheduled Task Handler"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "Eine Schwachstelle wurde in Qiyuesuo Eelectronic Signature Platform bis 4.34 gefunden. Sie wurde als kritisch eingestuft. Betroffen davon ist die Funktion execute der Datei /api/code/upload der Komponente Scheduled Task Handler. Dank Manipulation des Arguments File mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2025-08-08T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-08-08T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-08-08T22:31:34.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "nn0nkey (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.319298", "name": "VDB-319298 | Qiyuesuo Eelectronic Signature Platform Scheduled Task upload execute unrestricted upload", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.319298", "name": "VDB-319298 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.625551", "name": "Submit #625551 | qiyuesuo electronic signature platform <=4.34 Scheduled task RCE", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.625553", "name": "Submit #625553 | https://www.qiyuesuo.com/ electronic signature platform <=4.34 RCE (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/nn0nkey/nn0nkey/blob/main/QYS/QYS_task.md", "tags": ["exploit"]}]}, "adp": [{"references": [{"url": "https://github.com/nn0nkey/nn0nkey/blob/main/QYS/QYS_task.md", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-12T15:44:57.829296Z", "id": "CVE-2025-8775", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-12T16:04:12.027Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-8775", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-12T15:44:57.829296Z"}}}], "references": [{"url": "https://github.com/nn0nkey/nn0nkey/blob/main/QYS/QYS_task.md", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-11T15:22:14.521Z"}}], "cna": {"title": "Qiyuesuo Eelectronic Signature Platform Scheduled Task upload execute unrestricted upload", "credits": [{"lang": "en", "type": "reporter", "value": "nn0nkey (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 6.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P/E:POC/RL:ND/RC:UR"}}], "affected": [{"vendor": "Qiyuesuo", "modules": ["Scheduled Task Handler"], "product": "Eelectronic Signature Platform", "versions": [{"status": "affected", "version": "4.0"}, {"status": "affected", "version": "4.1"}, {"status": "affected", "version": "4.2"}, {"status": "affected", "version": "4.3"}, {"status": "affected", "version": "4.4"}, {"status": "affected", "version": "4.5"}, {"status": "affected", "version": "4.6"}, {"status": "affected", "version": "4.7"}, {"status": "affected", "version": "4.8"}, {"status": "affected", "version": "4.9"}, {"status": "affected", "version": "4.10"}, {"status": "affected", "version": "4.11"}, {"status": "affected", "version": "4.12"}, {"status": "affected", "version": "4.13"}, {"status": "affected", "version": "4.14"}, {"status": "affected", "version": "4.15"}, {"status": "affected", "version": "4.16"}, {"status": "affected", "version": "4.17"}, {"status": "affected", "version": "4.18"}, {"status": "affected", "version": "4.19"}, {"status": "affected", "version": "4.20"}, {"status": "affected", "version": "4.21"}, {"status": "affected", "version": "4.22"}, {"status": "affected", "version": "4.23"}, {"status": "affected", "version": "4.24"}, {"status": "affected", "version": "4.25"}, {"status": "affected", "version": "4.26"}, {"status": "affected", "version": "4.27"}, {"status": "affected", "version": "4.28"}, {"status": "affected", "version": "4.29"}, {"status": "affected", "version": "4.30"}, {"status": "affected", "version": "4.31"}, {"status": "affected", "version": "4.32"}, {"status": "affected", "version": "4.33"}, {"status": "affected", "version": "4.34"}]}], "timeline": [{"lang": "en", "time": "2025-08-08T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-08-08T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-08-08T22:31:34.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.319298", "name": "VDB-319298 | Qiyuesuo Eelectronic Signature Platform Scheduled Task upload execute unrestricted upload", "tags": ["vdb-entry", "technical-description"]}, {"url": "https://vuldb.com/?ctiid.319298", "name": "VDB-319298 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.625551", "name": "Submit #625551 | qiyuesuo electronic signature platform <=4.34 Scheduled task RCE", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/?submit.625553", "name": "Submit #625553 | https://www.qiyuesuo.com/ electronic signature platform <=4.34 RCE (Duplicate)", "tags": ["third-party-advisory"]}, {"url": "https://github.com/nn0nkey/nn0nkey/blob/main/QYS/QYS_task.md", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "Eine Schwachstelle wurde in Qiyuesuo Eelectronic Signature Platform bis 4.34 gefunden. Sie wurde als kritisch eingestuft. Betroffen davon ist die Funktion execute der Datei /api/code/upload der Komponente Scheduled Task Handler. Dank Manipulation des Arguments File mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "Unrestricted Upload"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "Improper Access Controls"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-08-09T21:02:07.185Z"}}}, "cveMetadata": {"cveId": "CVE-2025-8775", "state": "PUBLISHED", "dateUpdated": "2025-08-12T16:04:12.027Z", "dateReserved": "2025-08-08T20:26:31.112Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-08-09T21:02:07.185Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en Qiyuesuo Eelectronic Signature Platform hasta la versi\u00f3n 4.34, clasificada como cr\u00edtica. Este problema afecta la funci\u00f3n \"execute\" del archivo /api/code/upload del componente \"Manejador de Tareas Programadas\". La manipulaci\u00f3n del argumento \"File\" permite una carga sin restricciones. El ataque puede ejecutarse en remoto. Se ha hecho p\u00fablico el exploit y puede que sea utilizado. Se contact\u00f3 al proveedor con antelaci\u00f3n sobre esta divulgaci\u00f3n, pero no respondi\u00f3."}], "id": "CVE-2025-8775", "lastModified": "2025-08-12T16:15:31.553", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "[email protected]", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.4, "source": "[email protected]", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-08-09T21:15:25.870", "references": [{"source": "[email protected]", "url": "https://github.com/nn0nkey/nn0nkey/blob/main/QYS/QYS_task.md"}, {"source": "[email protected]", "url": "https://vuldb.com/?ctiid.319298"}, {"source": "[email protected]", "url": "https://vuldb.com/?id.319298"}, {"source": "[email protected]", "url": "https://vuldb.com/?submit.625551"}, {"source": "[email protected]", "url": "https://vuldb.com/?submit.625553"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/nn0nkey/nn0nkey/blob/main/QYS/QYS_task.md"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}, {"lang": "en", "value": "CWE-434"}], "source": "[email protected]", "type": "Secondary"}]}

{}