CVE-2025-66744
HIGHCVSS 7.5/10EPSS 1.45%
Last modified
CVE-2025-66744 is a high-severity vulnerability rated 7.5/10 on the CVSS scale. In Yonyou YonBIP v3 and before, the LoginWithV8 interface in the series data application service system is vulnerable to path traversal, allowing unauthorized access to sensitive information within the system. EPSS estimates a 1.45% chance of exploitation in the next 30 days.
Description
In Yonyou YonBIP v3 and before, the LoginWithV8 interface in the series data application service system is vulnerable to path traversal, allowing unauthorized access to sensitive information within the system
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Weakness Enumeration
References
Timeline
- Published
- Last Modified
- Status
- Deferred
Frequently Asked Questions
What is CVE-2025-66744?
In Yonyou YonBIP v3 and before, the LoginWithV8 interface in the series data application service system is vulnerable to path traversal, allowing unauthorized access to sensitive information within the system
How severe is CVE-2025-66744?
CVE-2025-66744 has a CVSS score of 7.5/10 (HIGH severity). The EPSS model estimates a 1.45% probability of exploitation in the next 30 days.
How do I fix CVE-2025-66744?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2025-66744?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST