{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2025-2147","assignerOrgId":"1af790b2-7ee1-4545-860a-a788eba489b5","state":"PUBLISHED","assignerShortName":"VulDB","dateReserved":"2025-03-10T06:00:47.437Z","datePublished":"2025-03-10T11:00:07.615Z","dateUpdated":"2025-03-10T12:33:51.927Z"},"containers":{"cna":{"providerMetadata":{"orgId":"1af790b2-7ee1-4545-860a-a788eba489b5","shortName":"VulDB","dateUpdated":"2025-03-10T11:00:07.615Z"},"title":"Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System file access","problemTypes":[{"descriptions":[{"type":"CWE","cweId":"CWE-552","lang":"en","description":"Files or Directories Accessible"}]},{"descriptions":[{"type":"CWE","cweId":"CWE-425","lang":"en","description":"Direct Request"}]}],"affected":[{"vendor":"Beijing Zhide Intelligent Internet Technology","product":"Modern Farm Digital Integrated Management System","versions":[{"version":"1.0","status":"affected"}]}],"descriptions":[{"lang":"en","value":"A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way."},{"lang":"de","value":"Es wurde eine problematische Schwachstelle in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0 ausgemacht. Dabei betrifft es einen unbekannter Codeteil. Dank Manipulation mit unbekannten Daten kann eine files or directories accessible-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung."}],"metrics":[{"cvssV4_0":{"version":"4.0","baseScore":6.9,"vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","baseSeverity":"MEDIUM"}},{"cvssV3_1":{"version":"3.1","baseScore":5.3,"vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseSeverity":"MEDIUM"}},{"cvssV3_0":{"version":"3.0","baseScore":5.3,"vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","baseSeverity":"MEDIUM"}},{"cvssV2_0":{"version":"2.0","baseScore":5,"vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N"}}],"timeline":[{"time":"2025-03-10T00:00:00.000Z","lang":"en","value":"Advisory disclosed"},{"time":"2025-03-10T01:00:00.000Z","lang":"en","value":"VulDB entry created"},{"time":"2025-03-10T07:05:50.000Z","lang":"en","value":"VulDB entry last update"}],"credits":[{"lang":"en","value":"LI YU (VulDB User)","type":"reporter"}],"references":[{"url":"https://vuldb.com/?id.299058","name":"VDB-299058 | Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System file access","tags":["vdb-entry"]},{"url":"https://vuldb.com/?ctiid.299058","name":"VDB-299058 | CTI Indicators (IOB, IOC, TTP)","tags":["signature","permissions-required"]},{"url":"https://vuldb.com/?submit.506593","name":"Submit #506593 | 北京植得智能互联科技有限公司 瑞田现代农场数字化综合管理系统 v1.0 Exposure of Information Through Directory Listing","tags":["third-party-advisory"]},{"url":"https://github.com/fubxx/CVE/blob/main/%E7%91%9E%E7%94%B0%E7%8E%B0%E4%BB%A3%E5%86%9C%E5%9C%BA%E6%95%B0%E5%AD%97%E5%8C%96%E7%BB%BC%E5%90%88%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86.md","tags":["exploit"]}]},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-03-10T12:33:07.934507Z","id":"CVE-2025-2147","options":[{"Exploitation":"poc"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-10T12:33:51.927Z"}}]}}