- Description
- A vulnerability has been found in Whistle 2.9.98 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/sessions/get-temp-file. The manipulation of the argument filename leads to path traversal. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
- Source
- cna@vuldb.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 5.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 4.3
- Impact score
- 1.4
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Secondary
- Base score
- 3.3
- Impact score
- 2.9
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:P/I:N/A:N
- cna@vuldb.com
- CWE-22
- Hype score
- Not currently trending
🚨CVE-2025-5880: Whistle Get-Temp-File Path Traversal Details: A vulnerability has been found in Whistle 2.9.98. This vulnerability affects an unknown code block of the file /cgi-bin/sessions/get-temp-file. Fofa Query: body="WHISTLE" && body="2.9.98" Hosts Found: 7 #os
@carcaraintel
3 Jul 2025
38 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-5880 A vulnerability has been found in Whistle 2.9.98 and classified as problematic. This vulnerability affects unknown code of the file /cgi-bin/sessions/get-temp-file. The… https://t.co/JVvDFdruj9
@CVEnew
9 Jun 2025
380 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes