A vulnerability has been found in Sobey Media Convergence System 2.0/2.1. This vulnerability affects unknown code of the file /sobey-mchEditor/watermark/upload. The manipulation of the argument File leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
References
| Link | Resource |
|---|---|
| https://github.com/hacker-routing/cve/issues/1 | Broken Link |
| https://vuldb.com/?ctiid.334602 | Permissions Required VDB Entry |
| https://vuldb.com/?id.334602 | Third Party Advisory VDB Entry |
| https://vuldb.com/?submit.698561 | Third Party Advisory VDB Entry |
| https://github.com/hacker-routing/cve/issues/1 | Broken Link |
Configurations
Configuration 1 (hide)
|
History
11 Dec 2025, 18:30
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/hacker-routing/cve/issues/1 - Broken Link | |
| References | () https://vuldb.com/?ctiid.334602 - Permissions Required, VDB Entry | |
| References | () https://vuldb.com/?id.334602 - Third Party Advisory, VDB Entry | |
| References | () https://vuldb.com/?submit.698561 - Third Party Advisory, VDB Entry | |
| First Time |
Sobey media Convergence System
Sobey |
|
| CPE | cpe:2.3:a:sobey:media_convergence_system:2.1:*:*:*:*:*:*:* cpe:2.3:a:sobey:media_convergence_system:2.0:*:*:*:*:*:*:* |
08 Dec 2025, 17:16
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://github.com/hacker-routing/cve/issues/1 - |
07 Dec 2025, 03:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2025-12-07 03:15
Updated : 2025-12-11 18:30
NVD link : CVE-2025-14182
Mitre link : CVE-2025-14182
CVE.ORG link : CVE-2025-14182
JSON object : View
Products Affected
sobey
- media_convergence_system
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')