关键漏洞信息 TVN ID: TVN-202511012 CVE IDs: CVE-2025-13768, CVE-2025-13769, CVE-2025-13770, CVE-2025-13771 CVSS Scores: - CVE-2025-13768: 7.5 (High) - CVE-2025-13769: 6.5 (Medium) - CVE-2025-13770: 6.5 (Medium) - CVE-2025-13771: 6.5 (Medium) Affected Products: WebITR version 2_1_0_33 and earlier Description: - CVE-2025-13768: Authentication Bypass vulnerability - CVE-2025-13769: SQL Injection vulnerability - CVE-2025-13770: SQL Injection vulnerability - CVE-2025-13771: Arbitrary File Read vulnerability Solution: Update to version 2_1_0_34 or later Credit: Linwz(DEVCORE) Public Date: 2025-11-28 Links to CVEs: 1. CVE-2025-13768 2. CVE-2025-13769 3. CVE-2025-13770 4. CVE-2025-13771