CVE-2025-11139

6.3 MEDIUM

📋 TL;DR

This is a path traversal vulnerability in Bjskzy Zhiyou ERP that allows attackers to manipulate file paths in the uploadStudioFile function. Remote exploitation could enable unauthorized file access or upload. Affected systems include all installations up to version 11.0.

💻 Affected Systems

Products:
  • Bjskzy Zhiyou ERP
Versions: Up to 11.0
Operating Systems: All supported OS
Default Config Vulnerable: ⚠️ Yes
Notes: All installations using the vulnerable component are affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote attacker gains arbitrary file read/write access, potentially leading to system compromise, data theft, or ransomware deployment.

🟠 Likely Case

Unauthorized file access leading to sensitive information disclosure or limited file manipulation.

🟢 If Mitigated

Attack blocked at network perimeter or application firewall, no impact on protected systems.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available in a GitHub repository. Remote exploitation is confirmed possible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available. The vendor was contacted but did not respond. Consider upgrading to version 11.1 or later if available.

🔧 Temporary Workarounds

Input Validation Filter

Applies to: all

Implement server-side validation to block path traversal sequences in the filepath parameter.

Implement regex filter: /(\.\.\/|\.\.\\)/

Web Application Firewall

Applies to: all

Deploy WAF rules to block path traversal patterns.

Configure WAF to block requests containing '../' or '..\' patterns.
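The regex filter and WAF rule above both match the literal sequences '../' and '..\'. A server-side check should not stop there: the same sequences arrive percent-encoded (once or twice), as absolute paths, or with NUL bytes, and none of those contain the literal pattern. The following added example (not code from the vendor or from the page) shows the page's regex as a first pass and then layers decoding, absolute-path rejection and canonical-path containment on top of it. The upload root `/srv/erp/studio_uploads` and the function names are assumptions for illustration; the real ERP storage location is not given on the page.

```python
import os
import re
from typing import Optional
from urllib.parse import unquote

# The regex from the page's "Input Validation Filter" workaround, written in Python syntax
# (the '/' needs no escaping here). Used as the cheap first pass.
TRAVERSAL_RE = re.compile(r"(\.\./|\.\.\\)")

# Hypothetical upload root for this example; the real ERP storage path is not on the page.
UPLOAD_ROOT = "/srv/erp/studio_uploads"


def regex_only_blocks(filepath: str) -> bool:
    """The page's regex on its own: it only sees literal '../' and '..\\' sequences."""
    return TRAVERSAL_RE.search(filepath) is not None


def resolve_upload_path(filepath: str, root: str = UPLOAD_ROOT) -> Optional[str]:
    """Return the canonical destination path for an upload, or None if the value is rejected.

    Layered check:
      1. the page's regex on the raw value,
      2. the same regex after percent-decoding (single and double encoding),
      3. reject NUL bytes, absolute paths and Windows drive prefixes,
      4. canonicalise and require the result to stay inside the upload root.
    """
    if not filepath:
        return None

    # Decode twice so that %252e%252e%252f (double-encoded ../) is also seen.
    decoded = unquote(unquote(filepath))
    if regex_only_blocks(filepath) or regex_only_blocks(decoded):
        return None
    if "\x00" in decoded:
        return None

    # Treat backslashes as separators regardless of server OS before the absolute-path check.
    normalised = decoded.replace("\\", "/")
    if normalised.startswith("/") or re.match(r"^[A-Za-z]:", normalised):
        return None

    # Canonicalise and make sure the final location is still under the upload root.
    root_abs = os.path.abspath(root)
    candidate = os.path.abspath(os.path.join(root_abs, normalised))
    if os.path.commonpath([root_abs, candidate]) != root_abs:
        return None
    return candidate


if __name__ == "__main__":
    for value in ("reports/q3.pdf", "../../etc/passwd",
                  "%2e%2e%2fetc/passwd", "..\\..\\windows\\win.ini"):
        print(f"{value!r:32} regex-only blocks: {str(regex_only_blocks(value)):5} "
              f"resolved: {resolve_upload_path(value)}")
```

Running the block shows the gap the containment check closes: `%2e%2e%2fetc/passwd` passes the regex alone but is rejected once decoded, and a plain `..` (no slash at all) is rejected only because the canonical path leaves the upload root. The containment step is what makes the filter robust; the regex and the WAF rule are defence in depth in front of it.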

🧯 If You Can't Patch

  • Isolate affected systems from internet access
  • Implement strict network segmentation and monitor for suspicious file access patterns

🔍 How to Verify

Check if Vulnerable:

Check the ERP version number in the application interface or configuration files

Check Version:

Check the application version in the web interface or configuration files

Verify Fix Applied:

Test the upload functionality with path traversal payloads to confirm they are blocked

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests containing '../' or '..\' in the filepath parameter
  • Unusual file access patterns from web application

Network Indicators:

  • HTTP POST requests to the uploadStudioFile endpoint with suspicious parameters

SIEM Query:

web.url:*uploadStudioFile* AND (web.param:*../* OR web.param:*..\*)
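The SIEM query above keys on the literal strings `../` and `..\` in a parameter, so a request that percent-encodes the same sequence would not match it. The following added example (not part of the original page) applies the same logic over access-log lines, but decodes parameter values first so encoded and double-encoded variants are flagged too, and then groups hits by source address. The log lines are constructed for this example in common log format; the `/erp/uploadStudioFile` path is an assumption, as the page names only the function, not the full URL.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed sample access-log lines for this example (common log format); not from any real system.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Oct/2025:10:00:01 +0000] "POST /erp/uploadStudioFile?filepath=reports/q3.pdf HTTP/1.1" 200 512
10.0.0.9 - - [01/Oct/2025:10:00:02 +0000] "POST /erp/uploadStudioFile?filepath=../../WEB-INF/web.xml HTTP/1.1" 200 88
10.0.0.9 - - [01/Oct/2025:10:00:03 +0000] "POST /erp/uploadStudioFile?filepath=%2e%2e%2f%2e%2e%2fconf%2fserver.xml HTTP/1.1" 200 88
10.0.0.7 - - [01/Oct/2025:10:00:04 +0000] "GET /erp/login HTTP/1.1" 200 1024
10.0.0.9 - - [01/Oct/2025:10:00:05 +0000] "POST /erp/uploadStudioFile?filepath=..%5c..%5cwindows%5cwin.ini HTTP/1.1" 200 88
"""

# Fields of a common-log-format line: client, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Same pattern as the page's regex filter, applied to decoded parameter values.
TRAVERSAL_RE = re.compile(r"(\.\./|\.\.\\)")


def traversal_params(target: str) -> list:
    """Return (name, decoded_value) for every query parameter carrying a traversal sequence."""
    hits = []
    for name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        # parse_qsl has already decoded once; decode again to catch double encoding.
        for form in (value, unquote(value)):
            if TRAVERSAL_RE.search(form):
                hits.append((name, form))
                break
    return hits


def find_suspicious(log_text: str) -> list:
    """The page's SIEM logic over raw log lines: uploadStudioFile requests with traversal in a parameter."""
    alerts = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or "uploadStudioFile" not in m["target"]:
            continue
        for name, value in traversal_params(m["target"]):
            alerts.append({"src": m["src"], "ts": m["ts"], "method": m["method"],
                           "param": name, "decoded": value, "status": m["status"]})
    return alerts


def count_by_source(alerts: list) -> dict:
    """Group alerts by client address, to spot one source probing repeatedly."""
    counts = {}
    for a in alerts:
        counts[a["src"]] = counts.get(a["src"], 0) + 1
    return counts


if __name__ == "__main__":
    found = find_suspicious(SAMPLE_LOG)
    for a in found:
        print(f"{a['ts']} {a['src']} {a['method']} param={a['param']} value={a['decoded']!r} status={a['status']}")
    print("hits per source:", count_by_source(found))
```

On the sample lines the plain-text hit and both encoded hits come from the same address, which is the "unusual file access pattern" the Log Indicators point at. One caveat for the POST indicator: a filepath sent in the request body rather than the query string never reaches a standard access log, so that variant needs request-body logging or the WAF rule described under Temporary Workarounds.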
