Cyber Resilience

CVE-2025-66744 (High)

Published: 09 January 2026
Modified: 15 April 2026
KEV Added: none (not listed in CISA KEV)
Patch: none recorded
CVSS v3.1 score: 7.5 (High), vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS score: 0.0300 (86.9th percentile)
Risk priority: 17 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-66744 is a high-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 13.1% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

In Yonyou YonBIP v3 and earlier versions, the LoginWithV8 interface within the series data application service system contains a path traversal vulnerability tracked as CVE-2025-66744. The flaw, assigned CWE-22 and rated 7.5 under CVSS 3.1, permits unauthorized access to sensitive information stored on the system.

Remote attackers can exploit the issue over the network without authentication or user interaction, reading arbitrary files and thereby disclosing confidential data. The attack requires no privileges and targets the exposed interface directly.

Public references consist of GitHub repositories that demonstrate the path traversal technique. The associated EPSS score rose from a low baseline to a peak of 0.1048 on 2026-02-11 before receding to the current value of 0.0300, indicating that exploitation interest increased after the January 2026 disclosure.

Vulnerability details

In Yonyou YonBIP v3 and before, the LoginWithV8 interface in the series data application service system is vulnerable to path traversal, allowing unauthorized access to sensitive information within the system.

CWE(s): CWE-22 (Path Traversal)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-mapped)

T1190 Exploit Public-Facing Application (Initial Access): Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.

Why these techniques?

Path traversal in the public-facing LoginWithV8 web interface directly enables remote unauthenticated file access, matching T1190 Exploit Public-Facing Application.

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

CVEs Like This One

CVE-2025-64075 (shared CWE-22)
CVE-2024-53537 (shared CWE-22)
CVE-2024-36512 (shared CWE-22)
CVE-2025-0493 (shared CWE-22)
CVE-2025-70231 (shared CWE-22)
CVE-2026-43888 (shared CWE-22)
CVE-2025-15031 (shared CWE-22)
CVE-2026-25785 (shared CWE-22)
CVE-2025-11366 (shared CWE-22)
CVE-2026-1810 (shared CWE-22)

Mitigating Controls (NIST 800-53 r5, AI-mapped)

prevent (SI-2 Flaw Remediation): Directly remediates the path traversal flaw in the LoginWithV8 interface of Yonyou YonBIP by identifying, reporting, and correcting the specific vulnerability.

prevent (SI-10 Information Input Validation): Requires validation of user-supplied path inputs to the LoginWithV8 interface, preventing traversal sequences like '../' from accessing sensitive files outside intended directories.

prevent (access enforcement): Enforces logical access controls on sensitive system files and resources, limiting damage from successful path traversal by restricting read permissions based on approved authorizations.
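The input-validation control above (SI-10) is the one a developer has to implement in code, so here is what that check looks like in practice. This is an added example written for this page; it is not YonBIP's code and the page says nothing about how LoginWithV8 is implemented. The base directory `/srv/yonbip/data`, the sample request values and the function names are all constructed assumptions. The weak pattern (append the user value to a base path and normalise it) is shown beside the hardened one (canonicalise, then prove the result is still inside the base directory):

```python
import os
import urllib.parse
from pathlib import Path


class PathTraversalError(ValueError):
    """Raised when a user-supplied path would resolve outside the permitted base directory."""


def unsafe_join(base_dir: str, user_path: str) -> str:
    """The weak pattern: user input is appended to the base directory and normalised.

    normpath() collapses '../' segments, so a value such as '../../../etc/passwd'
    walks out of base_dir instead of being rejected.
    """
    return os.path.normpath(os.path.join(base_dir, user_path))


def safe_join(base_dir: str, user_path: str) -> Path:
    """The hardened pattern: canonicalise, then check containment by path components.

    Returns the resolved absolute path, or raises PathTraversalError.
    """
    base = Path(base_dir).resolve()

    # NUL bytes can truncate the path once it reaches native file APIs; refuse them.
    if "\x00" in user_path:
        raise PathTraversalError("NUL byte in path")

    # Decode percent-encoding exactly once, at the same layer the web server would,
    # so '%2e%2e%2f' is seen as '../' rather than slipping past a naive filter.
    decoded = urllib.parse.unquote(user_path)

    # Treat backslashes as separators too, so a Windows-style '..\\' is not a bypass.
    decoded = decoded.replace("\\", "/")

    # Only relative names are meaningful for a file-lookup parameter.
    if decoded.startswith("/"):
        raise PathTraversalError("absolute path not allowed")

    # resolve() collapses '.' and '..' and follows symlinks, giving the real target.
    candidate = (base / decoded).resolve()

    # Containment check on components, not on strings: a prefix test would wrongly
    # accept '/srv/data-backup' for base '/srv/data'.
    if candidate != base and base not in candidate.parents:
        raise PathTraversalError(f"path escapes base directory: {user_path!r}")
    return candidate


def is_safe(base_dir: str, user_path: str) -> bool:
    """True if safe_join accepts the input, False if it rejects it."""
    try:
        safe_join(base_dir, user_path)
        return True
    except PathTraversalError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs, not taken from the advisory or any real request.
    BASE = "/srv/yonbip/data"  # hypothetical base directory
    samples = [
        "reports/2026/q1.pdf",
        "../../../etc/passwd",
        "%2e%2e%2f%2e%2e%2f%2e%2e%2fetc%2fpasswd",
        "..\\..\\..\\windows\\win.ini",
        "reports/../../secret.txt",
        "/etc/passwd",
    ]
    for s in samples:
        print(f"{s!r:45} unsafe -> {unsafe_join(BASE, s):38} safe -> {is_safe(BASE, s)}")
```

Two design choices are worth noting. Because `resolve()` follows symlinks, a link inside the base directory that points elsewhere is also rejected; that is deliberate, since the control's intent is that nothing outside the directory is readable through this parameter. And the single `unquote()` must match what the web layer already does: decoding twice would turn a legitimate literal `%2e%2e` filename into a traversal sequence, while decoding zero times lets an encoded one through.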
