CVE-2025-2749HIGH · 7.2TrackedCISA KEV

Kentico · Kentico Xperience

Kentico Xperience contains a path traversal vulnerability that could allow an authenticated user's Staging Sync Server to upload arbitrary data to path relative locations.

Disclosed

2025-03-24

442 days ago

Status

no honeypot capture yet

on CISA KEV — watching

7-day events

across 0 distinct IPs

7-day spread

0 ASN · 0 cty

0 active days

Top ASNs

No events captured yet.

Top countries

No events captured yet.

References

https://devnet.kentico.com/download/hotfixes
https://nvd.nist.gov/vuln/detail/CVE-2025-2749

↗ NVD ↗ CISA KEV ↗ Search analyses