Primary

Context

AndSoft e-TMS Path Traversal Vulnerability

Vulnerability

A path traversal vulnerability has been identified in AndSoft's e-TMS version 25.03. This vulnerability allows an attacker to access files within the web root by exploiting the 'docurl' parameter in the '/lib/asp/DOCSAVEASASP.ASP' file.

Impact

Exploitation of this vulnerability could lead to unauthorized access to files within the web root, potentially exposing sensitive information.

Remediation

Users can upgrade to AndSoft e-TMS versions VNL 25001 or VNL 25010, or version 25.04, where this vulnerability has been fixed.

Added: Oct 2, 2025, 3:36 PM

Updated: Oct 2, 2025, 7:43 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.6

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AndSoft e-TMS Path Traversal Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating