Information Disclosure Vulnerability in Tsinghua Unigroup Electronic Archives System
CVE-2025-0226

5.3MEDIUM

Key Information:

Vendor: Tsinghua Unigroup
Status: Electronic Archives System
Vendor: CVE Published:; 5 January 2025

🔔 Create Tsinghua Unigroup Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2025-0226?

A significant vulnerability exists within the Tsinghua Unigroup Electronic Archives System that allows unauthorized remote access to sensitive information. The flaw resides in the file download functionality located at /collect/PortV4/downLoad.html, where the manipulation of the 'path' argument can lead to unintended information exposure. This exploit has been publicly disclosed, raising concerns about the risk of exploitation in vulnerable systems.