Vulnerabilities

CVE-2025-41073

by Fred · 23/10/2025

Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories (e.g., ……), by exploiting the “direstudio” parameter in “/encuestas/integraweb[_v4]/integra/html/view/comprimir.php”.

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-gandia-integra-total-tesi

Similar

Tags: Cybersecurity Alert