{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-11T00:22:03.497","vulnerabilities":[{"cve":{"id":"CVE-2025-8852","sourceIdentifier":"cna@vuldb.com","published":"2025-08-11T14:15:27.830","lastModified":"2026-04-29T01:00:01.613","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability was identified in WuKongOpenSource WukongCRM 11.0. This affects an unknown part of the file /adminFile/upload of the component API Response Handler. The manipulation leads to information exposure through error message. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."},{"lang":"es","value":"Se identificó una vulnerabilidad en WuKongOpenSource WukongCRM 11.0. Esta afecta a una parte desconocida del archivo /adminFile/upload del componente API Response Handler. La manipulación provoca la exposición de información mediante un mensaje de error. El ataque puede ejecutarse en remoto. Se ha hecho público el exploit y puede que sea utilizado."}],"metrics":{"cvssMetricV40":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":2.1,"baseSeverity":"LOW","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"LOW","userInteraction":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"PROOF_OF_CONCEPT","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N","baseScore":4.3,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"cna@vuldb.com","type":"Secondary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:N/A:N","baseScore":4.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"cna@vuldb.com","type":"Secondary","description":[{"lang":"en","value":"CWE-200"},{"lang":"en","value":"CWE-209"}]},{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-209"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:5kcrm:wukongcrm:11.0:*:*:*:*:*:*:*","matchCriteriaId":"9B8DACBF-FF4E-4081-BF5F-63D33776BC8C"}]}]}],"references":[{"url":"https://github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/issues/26","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/issues/26#issue-3272864284","source":"cna@vuldb.com","tags":["Exploit","Issue Tracking"]},{"url":"https://vuldb.com/?ctiid.319383","source":"cna@vuldb.com","tags":["Permissions Required","VDB Entry"]},{"url":"https://vuldb.com/?id.319383","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://vuldb.com/?submit.624693","source":"cna@vuldb.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://github.com/WuKongOpenSource/WukongCRM-11.0-JAVA/issues/26","source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","tags":["Exploit","Issue Tracking","Vendor Advisory"]}]}}]}