CVE-2018-25312

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N                                    

Vulnerability Description

LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interface. Attackers can exploit the upload endpoint with directory traversal sequences to write files to arbitrary locations on the system, enabling remote code execution.

Vulnerability Details

Published Date

April 29, 2026

Last Modified

April 29, 2026

CWE ID

CWE-22

Source

NVD

Vendor

LifeSize

Product

ClearSea

External References

https://www.exploit-db.com/exploits/44390
https://www.vulncheck.com/advisories/lifesize-clearsea-directory-traversal-remote-code-execution

CVE-2018-25312

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment