cbcvebase.
CVE-2025-66744
published 2026-01-09

CVE-2025-66744: In Yonyou YonBIP v3 and before, the LoginWithV8 interface in the series data application service system is vulnerable to path traversal, allowing unauthorized…

Priority: P2 (76) · High · CVSS 3.1 base score 7.5
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:N / A:N
Tags: ITW Exploit · VulnCheck KEV
Exploited in the wild
EPSS: 1.45% (70.0th percentile)
In Yonyou YonBIP v3 and before, the LoginWithV8 interface in the series data application service system is vulnerable to path traversal, allowing unauthorized access to sensitive information within the system

Detection & IOCs (extracted from sources)

URL: /bi/api/Portal/LoginWithV8/?ticket=/../../../../Windows/win.ini
Path: /bi/api/Portal/LoginWithV8/
  • HTTP GET request to /bi/api/Portal/LoginWithV8/ with a `ticket` parameter containing path traversal sequences (e.g., ../../../../Windows/win.ini). No authentication is required (PR:N).
  • Successful exploitation returns HTTP 200 with the contents of the Windows win.ini file in the response body; match on the strings '[fonts]', '[extensions]' and 'Message' appearing together in the response.
  • FOFA fingerprint for identifying exposed Yonyou YonBIP instances: search for a body containing 'YonBIP | 数据应用服务' (YonBIP | Data Application Service).
  • The published traversal payload targets Windows hosts (win.ini). A Linux/Unix deployment would need a different traversal target (e.g., /etc/passwd), and the win.ini response-body matcher would not fire there.
  • The vulnerability affects Yonyou YonBIP v3 and earlier; releases later than v3 are not affected.
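The indicators above can be turned into log-side detection. The following is an added example written for this page, not code from the page's sources or from Yonyou: it scans web-server access-log lines (combined log format, which is an assumption about the deployment) for GET requests to /bi/api/Portal/LoginWithV8/ whose `ticket` parameter carries a traversal sequence, including percent-encoded and double-encoded forms and the backslash variant a Windows host accepts, and it implements the win.ini response-body matcher. The sample log lines and sample response are constructed; the helper names are ours.

```python
"""Log-side detection for CVE-2025-66744 probes (added example, not from the page's sources).

Applies the page's indicators: GET /bi/api/Portal/LoginWithV8/ with a traversal
sequence in `ticket`, and a response body containing '[fonts]', '[extensions]'
and 'Message' together. Log format (combined) and sample data are assumptions.
"""
import re
from urllib.parse import parse_qs, unquote, urlsplit

VULN_PATH = "/bi/api/Portal/LoginWithV8/"

# Traversal markers checked after percent-decoding: "../" and "..\" (IIS/Windows
# accepts both separators). The %2e%2e branch catches anything left encoded.
TRAVERSAL_RE = re.compile(r"(\.\.[/\\])|(%2e%2e)", re.IGNORECASE)

# Combined log format (assumed): src ident user [time] "METHOD target HTTP/x" status size "ref" "ua"
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)


def decode_fully(value, rounds=2):
    """Percent-decode repeatedly so double-encoded probes (%252e) are normalised."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal_probe(target):
    """True if the request target is a LoginWithV8 ticket-traversal probe.

    Path comparison is case-insensitive and ignores a trailing slash because
    the vulnerable deployments are Windows hosts, where paths are case-insensitive.
    """
    parts = urlsplit(target)
    path = decode_fully(parts.path).rstrip("/").lower()
    if path != VULN_PATH.rstrip("/").lower():
        return False
    params = parse_qs(parts.query, keep_blank_values=True)  # decodes once
    return any(TRAVERSAL_RE.search(decode_fully(t)) for t in params.get("ticket", []))


def scan_log(lines):
    """Return (source, status, target) for each probe. A 200 is the strongest
    signal (see the IOC list); other statuses are still reported as reconnaissance."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m and m.group("method") == "GET" and is_traversal_probe(m.group("target")):
            hits.append((m.group("src"), int(m.group("status")), m.group("target")))
    return hits


def looks_like_win_ini_leak(body):
    """Response-body matcher from the IOC list: all three markers must be present."""
    return all(marker in body for marker in ("[fonts]", "[extensions]", "Message"))


# Constructed sample data (not real traffic). 203.0.113.0/24 and 198.51.100.0/24 are
# documentation ranges.
SAMPLE_LOG = [
    '203.0.113.10 - - [09/Jan/2026:10:15:01 +0000] "GET /bi/api/Portal/LoginWithV8/?ticket=/../../../../Windows/win.ini HTTP/1.1" 200 412 "-" "python-requests/2.31"',
    '203.0.113.10 - - [09/Jan/2026:10:15:02 +0000] "GET /bi/api/Portal/LoginWithV8/?ticket=%2f..%2f..%2f..%2fetc%2fpasswd HTTP/1.1" 500 0 "-" "curl/8.4"',
    '198.51.100.7 - - [09/Jan/2026:10:16:30 +0000] "GET /bi/api/Portal/LoginWithV8/?ticket=8f3a9c HTTP/1.1" 200 88 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [09/Jan/2026:10:17:00 +0000] "GET /bi/api/Portal/Other/?ticket=../../x HTTP/1.1" 404 0 "-" "Mozilla/5.0"',
    '203.0.113.10 - - [09/Jan/2026:10:18:00 +0000] "GET /bi/api/portal/loginwithv8?ticket=..%255c..%255cWindows%255cwin.ini HTTP/1.1" 200 412 "-" "curl/8.4"',
]

# Constructed response body shaped like a JSON wrapper around win.ini content.
SAMPLE_RESPONSE = '{"Message":"; for 16-bit app support\\r\\n[fonts]\\r\\n[extensions]\\r\\n[mci extensions]\\r\\n[files]\\r\\n"}'

if __name__ == "__main__":
    for src, status, target in scan_log(SAMPLE_LOG):
        print(f"{src} {status} {target}")
    print("body matches win.ini leak:", looks_like_win_ini_leak(SAMPLE_RESPONSE))
```

The scanner reports three of the five constructed lines: the plain payload, the percent-encoded /etc/passwd variant (a Linux-style target that still counts as a probe even though it returned 500), and the double-encoded backslash form against a lowercase path without the trailing slash. The ordinary ticket and the probe against a different endpoint are ignored. Tune `rounds` in `decode_fully` if your front-end proxy decodes before logging.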

CVSS provenance

NVD (v3.1): 7.5 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
VulnCheck: 7.5 HIGH