CVE-2025-12867 – Hundred Plus｜EIP Plus – Arbitrary File Uplaod

CVE ID : CVE-2025-12867

Published : Nov. 10, 2025, 4:15 a.m. | 1 hour, 15 minutes ago

Description : EIP Plus developed by Hundred Plus has an Arbitrary File Uplaod vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

Severity: 7.2 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…