Path Traversal Vulnerability in China Mobile P22g-CIac Product
CVE-2025-2716

5.1MEDIUM

Key Information:

Vendor

China Mobile

Status
P22g-ciac
Vendor
CVE Published:
24 March 2025

Badges

👾 Exploit Exists

What is CVE-2025-2716?

A vulnerability found in the China Mobile P22g-CIac version 1.0.00.488 involves the Samba Path Handler component. This issue enables attackers to exploit the system through path traversal, potentially accessing sensitive files or directories that are intended to be protected. The exploit can be triggered remotely, posing a significant risk as it has been publicly disclosed. Despite early notification to the vendor regarding this vulnerability, there has been no response or remediation offered, increasing the urgency for users to address their security posture.

Affected Version(s)

P22g-CIac 1.0.00.488

References

https://vuldb.com/?id.300736
vdb-entry
https://vuldb.com/?ctiid.300736
signaturepermissions-required
https://vuldb.com/?submit.519900
third-party-advisory

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

.