VDB

CVE-2025-6076

CVE-2025-6076 PUBLISHED CVSS 8.800000190734863 HIGH

Partner Software's Partner Software application and Partner Web application do not sanitize files uploaded on the "reports" tab, allowing an authenticated attacker to upload a malicious file and compromise the device. By default, the software runs as SYSTEM, heightening the severity of the vulnerability.

EPSS 0.29% · 52.5th percentile

Risk Scores

CVSS 3.1
8.800000190734863
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.29%
52.5th percentile

Affected Products

VendorProductVersions
Partner SoftwarePartner Web4.32

Timeline

  • Aug 2, 2025 EPSS Score
  • Aug 2, 2025 CVE Published
  • Aug 2, 2025 PoC Published
  • Aug 11, 2025 EPSS Score
  • Aug 19, 2025 EPSS Score
  • Aug 28, 2025 EPSS Score
  • Sep 6, 2025 EPSS Score
  • Sep 14, 2025 EPSS Score
  • Sep 23, 2025 EPSS Score
  • Oct 2, 2025 EPSS Score
  • Oct 10, 2025 EPSS Score
  • Oct 19, 2025 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›