CVE-2025-1834: zj1983 zz resolve unrestricted upload
First published: Sun Mar 02 2025(Updated: )
A vulnerability, which was classified as critical, was found in zj1983 zz up to 2024-8. This affects an unknown part of the file /resolve. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Credit: cna@vuldb.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| zj1983 zz | <=2024-8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-1834?
CVE-2025-1834 is classified as a critical vulnerability.
What does CVE-2025-1834 affect?
CVE-2025-1834 affects the zj1983 zz software up to version 2024-8.
What type of vulnerability is CVE-2025-1834?
CVE-2025-1834 is an unrestricted file upload vulnerability.
How can an attacker exploit CVE-2025-1834?
An attacker can exploit CVE-2025-1834 remotely by manipulating the argument file.
How do I fix CVE-2025-1834?
To fix CVE-2025-1834, upgrade the zj1983 zz software to a version beyond 2024-8.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/references
- agent/type
- agent/title
- agent/first-publish-date
- agent/description
- agent/guess-ai
- agent/software-canonical-lookup
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/severity
- agent/source
- agent/author
- agent/last-modified-date
- agent/tags
- agent/event
- vendor/zj1983
- canonical/zj1983 zz