CVE-2025-4377
published 2025-05-09CVE-2025-4377: Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server. This vulnerability is present in logview.php and it…
PriorityP348high8.3CVSS 4.0
AVNACLATNPRHUINVCHVILVALSCHSINSANEXCRXIRXARXMAVXMACXMATXMPRXMUIXMVCXMVIXMVAXMSCXMSIXMSAXSXAUXRXVXREXUX
EPSS
0.62%
45.2th percentile
Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server.
This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem.
Logview is accessible on Pro Cloud Server Configuration interface.
This issue affects Pro Cloud Server: earlier than 6.0.165.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| sparx_systems | pro_cloud_server | <= 6.0.163 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-05-09
Published