{"vulnerability": "CVE-2025-34040", "sightings": [{"uuid": "7f08b2bc-a163-45c1-84d1-a507c9ea503b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lshj3di5b22u", "content": "", "creation_timestamp": "2025-06-25T21:02:25.610523Z"}, {"uuid": "8c50538f-dc66-4054-9ff4-a30a2095dd9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ltna3dhwhu2k", "content": "", "creation_timestamp": "2025-07-10T21:02:26.990250Z"}, {"uuid": "686ea0c1-ebfe-4aab-8600-4d47f92b4d8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-15)", "content": "", "creation_timestamp": "2026-02-15T00:00:00.000000Z"}, {"uuid": "8de4cbd7-8b18-4fb5-98e8-e8a0cc410b85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2025/CVE-2025-34040.yaml", "content": "", "creation_timestamp": "2025-07-07T12:46:33.000000Z"}, {"uuid": "ae8dec4b-0ee3-4070-9dc1-af9f406f116e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lxpyd4szlt2b", "content": "", "creation_timestamp": "2025-08-31T21:02:23.279058Z"}, {"uuid": "3286ff4a-2dab-4394-8867-03929b3ce059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-06)", "content": "", "creation_timestamp": "2026-02-06T00:00:00.000000Z"}, {"uuid": "a1378ab1-b3b4-4b25-9771-f3aacdf390be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-16)", "content": "", "creation_timestamp": "2026-02-16T00:00:00.000000Z"}, {"uuid": "0c4ca1b7-519a-44cb-9f0a-b73e417b49f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-08)", "content": "", "creation_timestamp": "2026-03-08T00:00:00.000000Z"}, {"uuid": "82f323d3-7f09-450c-819e-ceb83e0b2117", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-07)", "content": "", "creation_timestamp": "2026-03-07T00:00:00.000000Z"}, {"uuid": "73d0091c-a721-4ad9-99ae-0fa576037656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-26)", "content": "", "creation_timestamp": "2026-02-26T00:00:00.000000Z"}, {"uuid": "05f4e0cb-f16e-4d30-9a7a-f8773ca72500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-03)", "content": "", "creation_timestamp": "2026-02-03T00:00:00.000000Z"}, {"uuid": "e156ac39-6f1c-4cd3-9bab-f7580c9e6551", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-29)", "content": "", "creation_timestamp": "2026-01-29T00:00:00.000000Z"}, {"uuid": "de95346d-64f5-4b51-9297-7cfa3ca7aee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-01-19)", "content": "", "creation_timestamp": "2026-01-19T00:00:00.000000Z"}, {"uuid": "9be1a4e9-50ae-4dbc-b627-12c87a270362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-14)", "content": "", "creation_timestamp": "2026-03-14T00:00:00.000000Z"}, {"uuid": "735d200f-fbbd-4f7e-9544-e57d791a98b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-24)", "content": "", "creation_timestamp": "2026-03-24T00:00:00.000000Z"}, {"uuid": "b2bd383a-78f2-4c41-ac04-1b2fde8f5589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-02-13)", "content": "", "creation_timestamp": "2026-02-13T00:00:00.000000Z"}, {"uuid": "a45d3106-703a-40ec-8208-1747d543bac4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-03-21)", "content": "", "creation_timestamp": "2026-03-21T00:00:00.000000Z"}, {"uuid": "23c83649-ec37-46a9-8c3a-8d3f803c8296", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-13)", "content": "", "creation_timestamp": "2026-04-13T00:00:00.000000Z"}, {"uuid": "5d6d94a5-8d11-4f9f-ba6d-90498e0becab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3miwohyyaby2g", "content": "", "creation_timestamp": "2026-04-07T21:03:15.830317Z"}, {"uuid": "2b58fc16-210d-477a-999f-04e367093211", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-09)", "content": "", "creation_timestamp": "2026-04-09T00:00:00.000000Z"}, {"uuid": "4b42d33c-313a-49eb-a499-167cd3717afa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-11)", "content": "", "creation_timestamp": "2026-04-11T00:00:00.000000Z"}, {"uuid": "7452b59b-9b55-414c-8672-dddbe6e06731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-14)", "content": "", "creation_timestamp": "2026-04-14T00:00:00.000000Z"}, {"uuid": "155254df-b6cb-4fbe-bcb9-bd528066601f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-16)", "content": "", "creation_timestamp": "2026-04-16T00:00:00.000000Z"}, {"uuid": "b89a043d-fbc4-4e4a-b8d2-9e9d219d6591", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-15)", "content": "", "creation_timestamp": "2026-04-15T00:00:00.000000Z"}, {"uuid": "66687eaf-2690-4115-8f96-f7eebfc8be09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-21)", "content": "", "creation_timestamp": "2026-04-21T00:00:00.000000Z"}, {"uuid": "119f606e-94bd-4ee1-99d0-69b93ee79419", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-18)", "content": "", "creation_timestamp": "2026-04-18T00:00:00.000000Z"}, {"uuid": "f5560935-6090-454e-be21-37a31b13eec8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "published-proof-of-concept", "source": "Telegram/U6l-_Q4SZdPiAedvn42TqFBjKPNqGBic_sG-_VLu_zxCP48", "content": "", "creation_timestamp": "2025-08-29T15:00:05.000000Z"}, {"uuid": "a08c71d2-09f2-46b8-b479-8830160ba0af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "published-proof-of-concept", "source": "Telegram/Sg9078z4wn-ZCuDi-o7KKNhIPFjwOafVY3wSmOov4-7vv9A", "content": "", "creation_timestamp": "2025-08-29T11:00:10.000000Z"}, {"uuid": "c2277590-bd63-439f-a698-593d22bc286f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-23)", "content": "", "creation_timestamp": "2026-04-23T00:00:00.000000Z"}, {"uuid": "04aa77db-8e7f-473b-84c5-b19fdc9e86f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-22)", "content": "", "creation_timestamp": "2026-04-22T00:00:00.000000Z"}, {"uuid": "c0bb5334-7921-4cb2-84ed-dbd35944abae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/49473", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1a\u81f4\u8fdcOA\u5b58\u5728\u6587\u4ef6\u4e0a\u4f20\u5bfc\u81f4RCE\uff08CVE-2025-34040\uff09\nURL\uff1ahttps://github.com/jisi-001/CVE-2025-34040Exp\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-29T07:37:43.000000Z"}, {"uuid": "f69f0136-ce2d-4e35-8b12-73456ae3a42f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-26)", "content": "", "creation_timestamp": "2026-04-26T00:00:00.000000Z"}, {"uuid": "0981692f-656d-42ab-96dd-0f83b5cddaef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19281", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-34040\n\ud83d\udd25 CVSS Score: 10 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H)\n\ud83d\udd39 Description: An arbitrary file upload vulnerability exists in the Zhiyuan OA platform 5.0, 5.1 - 5.6sp1, 6.0 - 6.1sp2, 7.0, 7.0sp1 - 7.1, 7.1sp1, and 8.0 - 8.0sp2 via the wpsAssistServlet interface. The realFileType and fileId parameters are improperly validated during multipart file uploads, allowing unauthenticated attackers to upload crafted JSP files outside of intended directories using path traversal. Successful exploitation enables remote code execution as the uploaded file can be accessed and executed through the web server.\n\ud83d\udccf Published: 2025-06-24T01:12:22.769Z\n\ud83d\udccf Modified: 2025-06-24T01:12:22.769Z\n\ud83d\udd17 References:\n1. https://service.seeyon.com/patchtools/tp.html#/patchList?type=%E5%AE%89%E5%85%A8%E8%A1%A5%E4%B8%81&amp;id=1\n2. https://www.cnblogs.com/pursue-security/p/17677130.html\n3. https://www.cnvd.org.cn/flaw/show/CNVD-2021-01627\n4. https://vulncheck.com/advisories/zhiyuan-oa-system-path-traversal-file-upload", "creation_timestamp": "2025-06-24T01:46:58.000000Z"}, {"uuid": "c2e9eea9-4834-42a5-88ae-0440966dd139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-24)", "content": "", "creation_timestamp": "2026-04-24T00:00:00.000000Z"}, {"uuid": "1d04c8d0-ea2e-4ff3-9578-84b1e78aa3c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-25)", "content": "", "creation_timestamp": "2026-04-25T00:00:00.000000Z"}, {"uuid": "ba796d8b-5f0c-4de0-992f-e43e377bbd43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-05-04)", "content": "", "creation_timestamp": "2026-05-04T00:00:00.000000Z"}, {"uuid": "efba9cf1-44d6-4772-819c-84faa3de3138", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "published-proof-of-concept", "source": "Telegram/nIXrd68JPRslpKJ78-Anip-Gt9UVTfpwRW1S7IBK0x2u7Jw", "content": "", "creation_timestamp": "2025-06-24T02:34:27.000000Z"}, {"uuid": "520b4ed2-3307-462b-ab9a-800d54944d49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-34040", "type": "published-proof-of-concept", "source": "Telegram/_4cUwiNHuMV9mwcHdjVknxtkWGsw65i4723_y-BO0Y2zmBY", "content": "", "creation_timestamp": "2025-08-29T21:00:04.000000Z"}]}