Sign-up

ID

VAR-202502-2076


TITLE

There is an arbitrary file read vulnerability in the intelligent bus electronic stop sign integrated management service platform of Shanghai Zhengxian Electronic Technology Co., Ltd.

Trust: 0.6

sources: CNVD: CNVD-2025-04012

DESCRIPTION

Shanghai Zhengxian Electronic Technology Co., Ltd. is one of the few specialized and innovative enterprises in China that specializes in the research and development, production and sales of smart city furniture. There is an arbitrary file reading vulnerability in the intelligent bus electronic stop sign integrated management service platform of Shanghai Zhengxian Electronic Technology Co., Ltd., which can be exploited by attackers to obtain sensitive information.

Trust: 0.6

sources: CNVD: CNVD-2025-04012

IOT TAXONOMY

category:['IoT']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2025-04012

AFFECTED PRODUCTS

vendor:zhengxian electronicmodel:intelligent bus electronic stop sign integrated management service platformscope: - version: -

Trust: 0.6

sources: CNVD: CNVD-2025-04012

CVSS

SEVERITY

CVSSV2

CVSSV3

CNVD: CNVD-2025-04012
value: MEDIUM

Trust: 0.6

CNVD: CNVD-2025-04012
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:P/I:N/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

sources: CNVD: CNVD-2025-04012

EXTERNAL IDS

db:CNVDid:CNVD-2025-04012

Trust: 0.6

sources: CNVD: CNVD-2025-04012

SOURCES

db:CNVDid:CNVD-2025-04012

LAST UPDATE DATE

2025-03-02T23:18:39.418000+00:00


SOURCES UPDATE DATE

db:CNVDid:CNVD-2025-04012date:2025-02-28T00:00:00

SOURCES RELEASE DATE

db:CNVDid:CNVD-2025-04012date:2025-02-22T00:00:00