What is CVE-2025-0390?

A medium-severity vulnerability has been identified in Huayi Tec Jeewms, affecting versions up to 20241229. Organizations must prioritize upgrading to version 20250101 to mitigate potential risks associated with this path traversal vulnerability.

What is the severity of CVE-2025-0390?

CVE-2025-0390 has a severity rating of MEDIUM with a CVSS base score of 6.9.

CVE-2025-0390 | Medium Vulnerability in Huayi Tec Jeewms

A vulnerability classified as critical was found in Guangzhou Huayi Intelligent Technology Jeewms up to 20241229. This vulnerability allows for path traversal attacks, exploiting the file /wmOmNoticeHController.do. Attackers can initiate this exploit remotely, posing a significant risk to organizations using the affected software.

The Common Vulnerability Scoring System (CVSS) version 4.0 rates this vulnerability with a score of 6.9, indicating a medium severity level. Organizations are recommended to upgrade to version 20250101 to address this vulnerability effectively.

Risk to organizations includes potential unauthorized access to sensitive files, depending on the configuration of the web application. The urgency for defenders is to prioritize patching immediately, as the exploit has been disclosed and could be leveraged by malicious actors.

The vulnerability has been publicly documented, and organizations must act swiftly to mitigate risks to their systems.

Vulnerability Details

This vulnerability affects unknown code of the file /wmOmNoticeHController.do, and is associated with path traversal vulnerabilities (CWE-23 and CWE-24). The CVSS score of 6.9 indicates a medium severity level, which can lead to unauthorized access to sensitive files.

The vulnerability was published on January 11, 2025, and is classified under Huayi Tec's Jeewms product line. Organizations should ensure they are not running any versions prior to 20250101.

Technical Analysis

The root cause of this vulnerability stems from improper input validation leading to path traversal. Attackers may leverage this vulnerability to access unauthorized directories and files within the system.

The attack vector is network-based, requiring no special privileges or user interaction. The attack complexity is low, making it easier for attackers to exploit this vulnerability without significant barriers.

The potential impacts are low in terms of confidentiality, integrity, and availability, as the exploit primarily targets file access without altering the integrity of the system.

Risk & Impact Analysis

Real-world deployment risk includes unauthorized access to sensitive files, which can have significant implications for data security. Organizations that do not promptly upgrade to the patched version may expose themselves to data breaches.

The urgency for organizations is classified as high due to the disclosed nature of the exploit. The CVSS score indicates that organizations should address this vulnerability in their priority patch cycle.

The blast radius potential varies, depending on the network configuration and the data stored within the application. Organizations should evaluate their exposure to this vulnerability and prioritize remediation.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected product is Huayi Tec's Jeewms, with all versions prior to 20250101 being vulnerable. Organizations should ensure they are running the latest version to mitigate risks.

Mitigation & Remediation

Organizations should prioritize upgrading to version 20250101 to mitigate this vulnerability. If an upgrade is not immediately possible, consider implementing network controls to restrict access to the vulnerable endpoint.

Regular monitoring of system logs for unusual access patterns is also recommended. For further security assessments, organizations may consider engaging in penetration testing to identify potential vulnerabilities.

Detection Guidance

Organizations should monitor logs for indicators of path traversal attempts, such as unusual file access requests targeting the /wmOmNoticeHController.do endpoint.

Behavioral anomalies and unauthorized access to sensitive files should be flagged for review. Implementing network signatures to detect malicious requests can enhance monitoring capabilities.

AppSecure Threat Intelligence Insight

The low EPSS score of 0.00246 indicates that while the vulnerability is critical, the probability of exploitation remains low. Nevertheless, the disclosed nature of the vulnerability necessitates vigilance.

Security teams should prioritize regular updates and conduct ongoing training for developers to recognize and address such vulnerabilities in code.

For additional insights into vulnerability management, organizations may refer to vulnerability management best practices and penetration testing methodology for comprehensive security strategies.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2026-7704	CVE-2026-7704: Low Vulnerability in AV Stumpfl Pixera Two Media Server	LOW	Path Traversal	May 3, 2026
CVE-2026-7703	CVE-2026-7703: Medium Vulnerability in AV Stumpfl Pixera Two Media Server	MEDIUM	Injection	May 3, 2026
CVE-2026-7702	CVE-2026-7702: Medium Vulnerability in toeverything AFFiNE	MEDIUM	Improper Authorization	May 3, 2026
CVE-2026-7701	CVE-2026-7701: Low Vulnerability in Telegram Desktop	LOW	Null Pointer Dereference	May 3, 2026
CVE-2026-7700	CVE-2026-7700: Low Vulnerability in langflow-ai langflow	LOW	Injection	May 3, 2026

CVE-2025-0390: Medium Vulnerability in Huayi Tec Jeewms