How severe is CVE-2025-2147?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 7.5 out of 10.

What type of vulnerability is CVE-2025-2147?

This is classified as CWE-425, which is a common weakness in software security.

CVE-2025-2147 - MEDIUM Severity | CVSS 7.5

Vulnerability Description

A vulnerability was found in Beijing Zhide Intelligent Internet Technology Modern Farm Digital Integrated Management System 1.0. It has been classified as problematic. Affected is an unknown function. The manipulation leads to files or directories accessible. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Multiple endpoints are affected. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2017-14993

HIGH

CVSS:7.5(High)

OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x before 4.10.6 (maintenance), and 4.9.x before 4.9.11 (legacy), Enterprise Edition before 6.0.0 RC3 (development), 5.2.x before 5.2.1...

CWE-4252017

CVE-2017-15235

HIGH

CVSS:7.5(High)

The File Manager (gollem) module 3.0.11 in Horde Groupware 5.2.21 allows remote attackers to bypass Horde authentication for file downloads via a crafted fn parameter that corresponds to the exact fil...

CWE-4252017

CVE-2018-16060

HIGH

CVSS:7.5(High)

Mitsubishi Electric Europe B.V. SmartRTU devices allow remote attackers to obtain sensitive information (directory listing and source code) via a direct request to the /web URI.

CWE-4252018

CVE-2018-16706

HIGH

CVSS:7.5(High)

LG SuperSign CMS allows TVs to be rebooted remotely without authentication via a direct HTTP request to /qsr_server/device/reboot on port 9080.

CWE-4252018

CVE-2018-7526

HIGH

CVSS:7.5(High)

In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, by accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able ...

CWE-4252018

CVE-2019-17643

HIGH

CVSS:7.5(High)

An issue was discovered in Centreon before 2.8-30,18.10-8, 19.04-5, and 19.10-2. It provides sensitive information via an unauthenticated direct request for include/monitoring/recurrentDowntime/GetXML...

CWE-4252019