Path Traversal in Zhijiantianya Ruoyi-vue-pro

CVE-2025-2742

A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. This vulnerability affects unknown code of the file /admin-api/mp/material/upload-permanent of the component Material Upload Interface. The manipulation…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.002 (39.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.4 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L.

Affected products

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-2742?
CVE-2025-2742 is a medium-severity vulnerability in Zhijiantianya Ruoyi-vue-pro, classified under Path Traversal. CVSS score: 5.4/10. Published 2025-03-25.
How severe is CVE-2025-2742?
Medium severity. CVSS v3 base score is 5.4 out of 10.