Skip to main content

Live CVE-2025-66955

MEDIUM
Files or Directories Accessible to External Parties (CWE-552)
2026-03-12 cve@mitre.org
6.5
CVSS 3.1 · Vendor: mitre
Share

Severity by source

Vendor (mitre) PRIMARY
6.5 MEDIUM
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Primary rating from Vendor (mitre) · only source for this CVE.

CVSS VectorVendor: mitre

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

2
Analysis Generated
Mar 12, 2026 - 19:57 vuln.today
CVE Published
Mar 12, 2026 - 19:16 nvd
MEDIUM 6.5

DescriptionCVE.org

Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote authenticated users to access files on the host via "path" parameter in the downloadAttachment and downloadAttachmentFromPath API calls.

AnalysisAI

CVE-2025-66955 is a security vulnerability (CVSS 6.5) that allows remote authenticated users. Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor.

RemediationAI

Monitor vendor channels for patch availability.

Share

CVE-2025-66955 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy