CVE-2025-34120
BaseFortify
Publication date: 2025-07-16
Last updated on: 2025-07-17
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| limesurvey | limesurvey | 2.0 |
| limesurvey | limesurvey | 2.06 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
| CWE-306 | The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an unauthenticated file download issue in LimeSurvey versions 2.0+ up to 2.06+ Build 151014. It occurs because the application does not properly validate serialized input sent to the admin backup endpoint, allowing attackers to craft a payload that specifies arbitrary file paths. These files are then packaged into a ZIP archive and made available for download without requiring authentication, enabling attackers to read arbitrary files on the host system, including sensitive operating system and configuration files.
How can this vulnerability impact me? :
This vulnerability can allow attackers to access and download arbitrary files from the server hosting LimeSurvey without any authentication. This could lead to exposure of sensitive information such as configuration files, system files, or other confidential data stored on the server, potentially compromising the security and privacy of the system and its users.