CVE-2025-4556: ZONG YU Okcat Parking Management Platform - Arbitrary File Upload
First published: Mon May 12 2025(Updated: )
The web management interface of Okcat Parking Management Platform from ZONG YU has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.
Credit: twcert@cert.org.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| ZONG YU Okcat Parking Management Platform |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-4556?
CVE-2025-4556 is considered critical due to its potential for arbitrary code execution on the server.
How do I fix CVE-2025-4556?
To fix CVE-2025-4556, ensure you update the Okcat Parking Management Platform to the latest version provided by ZONG YU.
What types of attacks can CVE-2025-4556 facilitate?
CVE-2025-4556 can facilitate arbitrary file uploads, allowing attackers to execute web shell backdoors on the server.
Who is affected by CVE-2025-4556?
Any users of the Okcat Parking Management Platform from ZONG YU are affected by CVE-2025-4556.
What should I do if I suspect exploitation of CVE-2025-4556?
If you suspect exploitation of CVE-2025-4556, immediately isolate the affected system and conduct a thorough security assessment.
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/type
- agent/description
- agent/title
- agent/first-publish-date
- agent/references
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- agent/author
- agent/severity
- agent/event
- collector/epss-latest
- source/FIRST
- agent/source
- agent/tags
- agent/epss
- vendor/zong yu
- canonical/zong yu okcat parking management platform