- Description
- A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This can lead to disclosure of sensitive information.
- Source
- disclosure@vulncheck.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- disclosure@vulncheck.com
- CWE-22
- Hype score
- Not currently trending
CVE-2025-34126 Path Traversal Vulnerability in RIPS Scanner 0.54 Enables Arbitrary File Read https://t.co/Aq81ijjUY2
@VulmonFeeds
17 Jul 2025
64 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-34126 A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privilege… https://t.co/cm7FyASncR
@CVEnew
16 Jul 2025
402 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes