CVE-2025-52922
BaseFortify
Publication date: 2025-06-23
Last updated on: 2025-06-23
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-23 | The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-52922 is a directory traversal vulnerability in Innoshop through version 0.4.1. An authenticated attacker with admin panel access can exploit the FileManager API endpoints to perform several unauthorized actions: map the entire filesystem structure, create arbitrary directories, read arbitrary files by copying them to accessible locations, delete arbitrary files, and create files anywhere on the server by uploading and moving them. This allows the attacker extensive control over the server's filesystem.
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized disclosure of sensitive files, modification or deletion of critical files, and unauthorized creation of files or directories on the server. This can lead to data breaches, service disruption, and potential further exploitation of the system due to compromised file integrity and confidentiality.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring for authenticated access to the admin panel endpoints related to the FileManager API, specifically requests to /api/file_manager/files?base_folder=, /api/file_manager/directories, /api/file_manager/copy_files, /api/file_manager/files (DELETE), and /api/file_manager/move_files. Commands to detect suspicious activity could include inspecting web server logs for these endpoints and unusual HTTP methods (e.g., DELETE). For example, using grep on access logs: grep -E '/api/file_manager/(files|directories|copy_files|move_files)' /var/log/nginx/access.log or /var/log/apache2/access.log. Additionally, monitoring for unexpected directory creation, file copying, or deletion events on the server filesystem may help detect exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the admin panel and FileManager API endpoints to trusted users only, enforcing strong authentication and authorization controls, and monitoring for suspicious activity on these endpoints. Applying any available patches or updates from the Innoshop project is critical. If patches are not yet available, consider disabling or limiting the FileManager API functionality until a fix is applied. Additionally, review and harden server permissions to limit the ability of the application to create, move, or delete files arbitrarily.