A vulnerability was found in zj1983 zz up to 2024-8. It has been declared as problematic. This vulnerability affects the function deleteLocalFile of the file src/main/java/com/futvan/z/system/zfile/ZfileAction.java of the component File Handler. The manipulation of the argument zids leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
References
Link | Resource |
---|---|
https://github.com/caigo8/CVE-md/blob/main/zz/zz_2024_8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4.md | Exploit Third Party Advisory |
https://vuldb.com/?ctiid.298114 | Permissions Required VDB Entry |
https://vuldb.com/?id.298114 | Third Party Advisory VDB Entry |
https://vuldb.com/?submit.505097 | Third Party Advisory VDB Entry |
https://github.com/caigo8/CVE-md/blob/main/zz/zz_2024_8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4.md | Exploit Third Party Advisory |
Configurations
History
28 May 2025, 17:15
Type | Values Removed | Values Added |
---|---|---|
First Time |
Zframeworks
Zframeworks zz |
|
Summary | (es) Se ha detectado una vulnerabilidad en zj1983 zz hasta 2024-8. Se ha declarado como problemática. Esta vulnerabilidad afecta a la función deleteLocalFile del archivo src/main/java/com/futvan/z/system/zfile/ZfileAction.java del componente File Handler. La manipulación del argumento zids provoca una denegación de servicio. El ataque se puede iniciar de forma remota. Se ha hecho público el exploit y puede que sea utilizado. Se contactó al proveedor con anticipación sobre esta revelación, pero no respondió de ninguna manera. | |
References | () https://github.com/caigo8/CVE-md/blob/main/zz/zz_2024_8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4.md - Exploit, Third Party Advisory | |
References | () https://vuldb.com/?ctiid.298114 - Permissions Required, VDB Entry | |
References | () https://vuldb.com/?id.298114 - Third Party Advisory, VDB Entry | |
References | () https://vuldb.com/?submit.505097 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:zframeworks:zz:*:*:*:*:*:*:*:* |
03 Mar 2025, 18:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
|
References | () https://github.com/caigo8/CVE-md/blob/main/zz/zz_2024_8%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E5%88%A0%E9%99%A4.md - |
03 Mar 2025, 03:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-03-03 03:15
Updated : 2025-05-28 17:15
NVD link : CVE-2025-1846
Mitre link : CVE-2025-1846
CVE.ORG link : CVE-2025-1846
JSON object : View
Products Affected
zframeworks
- zz
CWE
CWE-404
Improper Resource Shutdown or Release