- Description
- A Path traversal vulnerability in the file download functionality was identified. This vulnerability allows unauthenticated users to download arbitrary files, in the context of the application server, from the Linux server.
- Source
- a341c0d1-ebf7-493f-a84e-38cf86618674
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
- a341c0d1-ebf7-493f-a84e-38cf86618674
- CWE-20
- Hype score
- Not currently trending
CVE-2025-2305 A Path traversal vulnerability in the file download functionality was identified. This vulnerability allows unauthenticated users to download arbitrary files, in the co… https://t.co/ai5ddPRnYt
@CVEnew
16 May 2025
538 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-2305: HIGH] Path traversal vulnerability in a file download function exposes systems to risks. Unauthenticated users can download unauthorized files from the Linux server. #CyberSecurity#cve,CVE-2025-2305,#cybersecurity https://t.co/99N0zjHzHR https://t.co/uITG4aLSEP
@CveFindCom
16 May 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We found two vulnerabilities in SYNCPILOT LIVE CONTRACT A path traversal vulnerability (CVE-2025-2305) in the file download functionality allows unauthenticated users to download files, in the context of the application server, from the Linux server. An improper access control ht
@cirosec
16 May 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes