CVE-2025-12247 – Hasleo Backup Suite HasleoImageMountService/HasleoBackupSuiteService unquoted search path

CVE ID : CVE-2025-12247

Published : Oct. 27, 2025, 8:15 a.m. | 29 minutes ago

Description : A weakness has been identified in Hasleo Backup Suite up to 5.2. Impacted is an unknown function of the component HasleoImageMountService/HasleoBackupSuiteService. This manipulation causes unquoted search path. The attack is restricted to local execution. The attack’s complexity is rated as high. The exploitability is considered difficult. The exploit has been made available to the public and could be exploited. Upgrading the affected component is advised.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

آسیب‌پذیری‌های جدید و وصله‌های امنیتی به‌صورت مداوم منتشر می‌شوند و عدم بروزرسانی به‌موقع می‌تواند امنیت سرویس‌های حیاتی را به خطر بیندازد. خدمات مدیریت و پشتیبانی سرور آفاق هاستینگ شامل پایش امنیتی، بروزرسانی نرم‌افزارها، نصب Patchهای امنیتی و سخت‌سازی سرورها است.

خدمات مدیریت و امنیت سرور

نوشته های مشابه

CVE-2026-48988 – markdown-it: Quadratic complexity DoS in smartquotes rule via replaceAt string operations

CVE-2026-48979 – PHP Standard Library: HTTP/2 server-side missing content-length validation enables request smuggling

CVE-2026-49133 – Typemill < 2.24.0 Path Traversal via ControllerApiImage::getPagemedia()

CVE-2026-48821 – Shaarli: DOM-based Cross-Site Scripting (XSS) in Thumbnail Synchronizer