What is the severity of CVE-2025-4178?

CVE-2025-4178 is classified as a critical vulnerability.

How do I fix CVE-2025-4178?

To fix CVE-2025-4178, update the xiaowei1118 java_server to a version beyond 11a5bac8f4ba1c17e4bc1b27cad6d24868500e3a.

Which software versions are impacted by CVE-2025-4178?

CVE-2025-4178 affects xiaowei1118 java_server versions up to 11a5bac8f4ba1c17e4bc1b27cad6d24868500e3a.

What type of vulnerability is CVE-2025-4178?

CVE-2025-4178 pertains to an unknown processing issue within the file upload component.

Vulnerability/
CVE-2025-4178

medium

5.5

CWE

1/5/2025

CVE-2025-4178: xiaowei1118 java_server File Upload API FoodController.java path traversal

Q: What component is affected by CVE-2025-4178?

CVE-2025-4178 affects the file /src/main/java/com/changyu/foryou/controller/FoodController.java in the xiaowei1118 java_server.

First published: Thu May 01 2025(Updated: )

A vulnerability was found in xiaowei1118 java_server up to 11a5bac8f4ba1c17e4bc1b27cad6d24868500e3a on Windows and classified as critical. This issue affects some unknown processing of the file /src/main/java/com/changyu/foryou/controller/FoodController.java of the component File Upload API. The manipulation leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available.

Credit: cna@vuldb.com

Affected Software	Affected Version	How to fix
xiaowei1118 java_server	<11a5bac8f4ba1c17e4bc1b27cad6d24868500e3a

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2025-4178?
CVE-2025-4178 is classified as a critical vulnerability.
How do I fix CVE-2025-4178?
To fix CVE-2025-4178, update the xiaowei1118 java_server to a version beyond 11a5bac8f4ba1c17e4bc1b27cad6d24868500e3a.
What component is affected by CVE-2025-4178?
CVE-2025-4178 affects the file /src/main/java/com/changyu/foryou/controller/FoodController.java in the xiaowei1118 java_server.
Which software versions are impacted by CVE-2025-4178?
CVE-2025-4178 affects xiaowei1118 java_server versions up to 11a5bac8f4ba1c17e4bc1b27cad6d24868500e3a.
What type of vulnerability is CVE-2025-4178?
CVE-2025-4178 pertains to an unknown processing issue within the file upload component.

collector/mitre-cve
source/MITRE
agent/title
agent/references
agent/weakness
agent/type
agent/first-publish-date
agent/description
agent/guess-ai
agent/software-canonical-lookup
agent/software-canonical-lookup-request
agent/softwarecombine
collector/nvd-api
source/NVD
agent/last-modified-date
agent/author
agent/source
agent/severity
agent/tags
agent/event
vendor/xiaowei1118
canonical/xiaowei1118 java_server

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.