CVE-2025-54802

Published Aug 5, 2025

Last updated 5 months ago

CVSS critical 9.8

Overview

Description
pyLoad is the free and open-source Download Manager written in pure Python. In versions 0.5.0b3.dev89 and below, there is an opportunity for path traversal in pyLoad-ng CNL Blueprint via package parameter, allowing Arbitrary File Write which leads to Remote Code Execution (RCE). The addcrypted endpoint in pyload-ng suffers from an unsafe path construction vulnerability, allowing unauthenticated attackers to write arbitrary files outside the designated storage directory. This can be abused to overwrite critical system files, including cron jobs and systemd services, leading to privilege escalation and remote code execution as root. This issue is fixed in version 0.5.0b3.dev90.
Source
security-advisories@github.com
NVD status
Analyzed
Products
pyload-ng

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

security-advisories@github.com
CWE-22

Social media

Hype score
Not currently trending

  1. CVE-2025-54802 (CVSS:9.8, CRITICAL) is Awaiting Analysis. pyLoad is the free and open-source Download Manager written in pure Python. In versions 0.5.0b3.dev89 and below, there i..https://t.co/TfHUbpNgmd #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    10 Aug 2025

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-54802 Unauthenticated Path Traversal in pyLoad-ng Leading to Remote Code Execution https://t.co/CdZn6WOnN2

    @VulmonFeeds

    5 Aug 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-54802 pyLoad is the free and open-source Download Manager written in pure Python. In versions 0.5.0b3.dev89 and below, there is an opportunity for path traversal in pyLoad-… https://t.co/S0ONPRe3Oh

    @CVEnew

    5 Aug 2025

    367 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. [CVE-2025-54802: CRITICAL] Security advisory: PyLoad versions 0.5.0b3.dev89 and below are vulnerable to path traversal & arbitrary file write, enabling remote code execution. Update to 0.5.0b3.dev90 for the ...#cve,CVE-2025-54802,#cybersecurity https://t.co/fNDcBmfuaQ https:/

    @CveFindCom

    5 Aug 2025

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. pyLoad is a free and open-source download manager written in Python. From version 0.5.0b3.dev13 to 0.5.0b3.dev96, the edit_package() function implements insufficient sanitization for the pack_folder parameter. The current protection relies on a single-pass string replacement of "../", which can be bypassed using crafted recursive traversal sequences. This issue has been patched in version 0.5.0b3.dev97.CVE-2026-29778
  2. pyLoad is a free and open-source Download Manager written in pure Python. The `pyload` API allows any API call to be made using GET requests. Since the session cookie is not set to `SameSite: strict`, this opens the library up to severe attack possibilities via a Cross-Site Request Forgery (CSRF) attack. As a result any API call can be made via a CSRF attack by an unauthenticated user. This issue has been addressed in release `0.5.0b3.dev78`. All users are advised to upgrade.CVE-2024-22416

References

Sources include official advisories and independent security research.