CVE-2025-7108
BaseFortify
Publication date: 2025-07-07
Last updated on: 2026-04-29
Assigner: VulDB
Description
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a path traversal flaw (CWE-22), classified as critical, in risesoft-y9 Digital-Infrastructure version 9.6.7, specifically in the deleteFile function of Y9FileController.java. The handler takes the fullPath argument from the request and uses it to build the pathname of the file to delete without canonicalizing it or checking that the result still lies inside the intended directory, so sequences such as ../ (or their percent-encoded forms) make the path resolve to a location outside that directory. An attacker can exploit this remotely, without authentication, by sending crafted requests to the /fileManager/rest/deleteFile API endpoint, potentially deleting arbitrary files that the application process has permission to remove. [1, 2]
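The two halves of the flaw described above, as an added Python illustration (not risesoft-y9's Java code, which is not reproduced on this page): a delete handler that trusts the caller's fullPath next to one that decodes, canonicalizes and contains it before touching the filesystem. The directory names and the demo file tree are assumptions made for the example.

```python
"""Added illustration of the CWE-22 pattern: a delete handler that trusts a
caller-supplied path versus one that canonicalizes and contains it.
Example code only; not the project's Java. Directory names are assumed."""
import os
import tempfile
from urllib.parse import unquote


def vulnerable_delete(base_dir, full_path):
    """The flawed pattern: the caller's path is joined and deleted unchecked.
    '../' walks out of base_dir, and an absolute full_path makes
    os.path.join discard base_dir entirely."""
    target = os.path.join(base_dir, full_path)
    os.remove(target)
    return target


def resolve_inside(base_dir, full_path):
    """Return the canonical target path if it lies strictly inside base_dir,
    otherwise None. Order matters: decode, normalize separators, resolve
    '..' and symlinks, then compare against the resolved base."""
    decoded = unquote(unquote(full_path))      # collapses single and double percent-encoding
    decoded = decoded.replace("\\", "/")        # treat backslash as a separator too (Windows hosts)
    if decoded.strip() == "" or os.path.isabs(decoded):
        return None                             # empty would target the base itself; absolute is never ok
    base_real = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base_real, decoded))  # resolves '..' and symlinks
    if candidate == base_real or os.path.commonpath([base_real, candidate]) != base_real:
        return None
    return candidate


def is_inside(base_dir, full_path):
    """Boolean form of resolve_inside, handy for tests or a WAF-style pre-check."""
    return resolve_inside(base_dir, full_path) is not None


def safe_delete(base_dir, full_path):
    """Hardened handler: refuse anything that does not resolve inside base_dir."""
    target = resolve_inside(base_dir, full_path)
    if target is None:
        raise ValueError("fullPath rejected: resolves outside the upload directory")
    os.remove(target)
    return target


def demo():
    """Run both handlers against a throwaway directory tree and report what happened."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        uploads = os.path.join(root, "uploads")          # the directory deletes are meant to stay in
        os.mkdir(uploads)
        secret = os.path.join(root, "application.yml")   # a file the handler must never touch
        inside = os.path.join(uploads, "report.pdf")
        for p in (secret, inside):
            open(p, "w").close()

        vulnerable_delete(uploads, "../application.yml")  # walks out of uploads/
        results["vulnerable_removed_outside_file"] = not os.path.exists(secret)

        try:
            safe_delete(uploads, "..%2Fapplication.yml")  # same escape, percent-encoded
            results["hardened_rejected_escape"] = False
        except ValueError:
            results["hardened_rejected_escape"] = True

        safe_delete(uploads, "sub/../report.pdf")         # normalizes but stays inside: allowed
        results["hardened_removed_inside_file"] = not os.path.exists(inside)
    return results


if __name__ == "__main__":
    print(demo())
```

The containment check is done on the resolved path rather than by rejecting the substring "..", so a symlink inside the upload directory that points elsewhere is also refused. There is still a window between the check and os.remove in which the filesystem can change; if that matters for your deployment, open the directory first and delete relative to that descriptor, or run the service with a filesystem view that contains nothing worth deleting outside the upload root.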
How can this vulnerability impact me?
The vulnerability allows an attacker to remotely delete arbitrary files on your system, without authentication, subject only to the permissions of the account the application runs as. This compromises the integrity and availability of the system: configuration files, application files or stored data could be removed, leading to service failure or data loss. Because the attack can be launched remotely and no vendor fix is listed, it poses a significant risk to system stability and security. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for requests to the API endpoint /fileManager/rest/deleteFile whose fullPath parameter contains path traversal sequences. Network traffic inspection tools or web server logs can be used to identify such attempts; for example, grep the access log for requests to the endpoint that carry '../', a backslash variant, or a percent-encoded form, matching case-insensitively so that %2E is not missed: grep -iE 'fileManager/rest/deleteFile[^ ]*(\.\./|\.\.\\|%2e%2e)' /var/log/nginx/access.log. Two caveats: a standard access log records only the request line, so a fullPath sent in a POST body will not appear there and needs a WAF, reverse-proxy body logging or the application's own logs instead; and double-encoded payloads (such as %252e%252e%252f) must be decoded twice before matching. Confirming the vulnerability by sending crafted requests is possible, but since the endpoint deletes files, do so only against a test instance or with a harmless target path. [1, 2]
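An added example of that detection logic, written here for this page and not taken from BaseFortify or the project: it parses nginx combined-format log lines, keeps only calls to the endpoint, decodes each parameter (twice, for double encoding, and with backslashes treated as separators) and reports a hit only when a whole '..' path segment remains, which avoids the false positives a bare grep for '../' produces on unrelated URLs. The log lines are constructed for the example and use documentation IP addresses; the status code and user agent values are assumptions.

```python
"""Added detection example: scan nginx access-log lines for traversal attempts
against the deleteFile endpoint. Example code; the sample log is constructed."""
import re
from urllib.parse import parse_qs, unquote, urlsplit

ENDPOINT = "/fileManager/rest/deleteFile"

# nginx 'combined' format: ip ident user [time] "METHOD target PROTO" status ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# Constructed sample: one benign call, two traversal attempts (plain and
# double-encoded), a '../' on an unrelated endpoint, and a POST whose body is not logged.
SAMPLE_LOG = """\
203.0.113.7 - - [07/Jul/2025:10:01:02 +0000] "GET /fileManager/rest/deleteFile?fullPath=docs/old.pdf HTTP/1.1" 200 17 "-" "curl/8.5.0"
203.0.113.7 - - [07/Jul/2025:10:01:05 +0000] "GET /fileManager/rest/deleteFile?fullPath=../../../../etc/passwd HTTP/1.1" 200 17 "-" "curl/8.5.0"
203.0.113.7 - - [07/Jul/2025:10:01:09 +0000] "GET /fileManager/rest/deleteFile?fullPath=..%252F..%252Fapplication.yml HTTP/1.1" 200 17 "-" "curl/8.5.0"
198.51.100.4 - - [07/Jul/2025:10:02:00 +0000] "GET /static/js/app.js?v=../ HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
203.0.113.7 - - [07/Jul/2025:10:03:11 +0000] "POST /fileManager/rest/deleteFile HTTP/1.1" 200 17 "-" "curl/8.5.0"
"""


def has_traversal(value):
    """True if the value contains a '..' path segment after percent-decoding
    (twice, to catch double encoding) and treating backslash as a separator."""
    decoded = unquote(unquote(value)).replace("\\", "/")
    return ".." in decoded.split("/")


def scan(log_text):
    """Return traversal hits on the endpoint, plus endpoint calls whose parameters
    were not logged (request bodies never reach an access log) and need inspection elsewhere."""
    hits, unverified = [], []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue                                    # not a combined-format line
        parts = urlsplit(m["target"])
        if parts.path != ENDPOINT:
            continue                                    # traversal elsewhere is a different alert
        params = parse_qs(parts.query, keep_blank_values=True)   # decodes one layer of %XX
        flagged = [(k, v) for k, vals in params.items() for v in vals if has_traversal(v)]
        for k, v in flagged:
            hits.append({"ip": m["ip"], "time": m["time"], "param": k, "raw": v,
                         "decoded": unquote(unquote(v)), "status": m["status"]})
        if not flagged and not parts.query:
            unverified.append({"ip": m["ip"], "time": m["time"], "method": m["method"]})
    return {"traversal": hits, "needs_body_inspection": unverified}


if __name__ == "__main__":
    report = scan(SAMPLE_LOG)
    for h in report["traversal"]:
        print(f'{h["time"]} {h["ip"]} {h["param"]}={h["decoded"]} (HTTP {h["status"]})')
    for u in report["needs_body_inspection"]:
        print(f'{u["time"]} {u["ip"]} {u["method"]} to endpoint with no logged parameters')
```

The HTTP status in each hit is worth keeping in the alert: a 200 on a traversal attempt is the line to treat as a probable successful deletion and escalate, while a 403 from a WAF rule is a blocked probe. Run the script over the real access log by replacing SAMPLE_LOG with the file's contents.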
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling the vulnerable API endpoint /fileManager/rest/deleteFile, or restricting it at the reverse proxy to trusted source addresses and authenticated users, so that it cannot be reached by arbitrary remote clients. Because no vendor fix or patch is listed, check the vendor's releases for a fixed version and, if none is available, consider replacing the affected product. Add network-level protections such as firewall rules or web application firewall (WAF) rules that block requests to this endpoint containing path traversal patterns, including percent-encoded and double-encoded forms, and run the application under an account with the least filesystem permissions it needs, so that a successful traversal cannot remove files outside its own data directory. Monitoring and alerting on requests to this endpoint, together with verified backups of configuration and data, limit the impact of any attempt that gets through. [2]