CVE-2025-7628
BaseFortify
Publication date: 2025-07-14
Last updated on: 2026-04-29
Assigner: VulDB
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| yijiusmile | kkfileviewofficeedit | up to 2019-03-19 (inclusive) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-7628 is a critical path traversal vulnerability in the YiJiuSmile kkFileViewOfficeEdit product, specifically in the deleteFile function accessed via the /deleteFile endpoint. The vulnerability occurs because the fileName parameter is improperly validated, allowing attackers to bypass checks using backslashes and URL encoding to manipulate file paths. This enables attackers to traverse directories and delete arbitrary files on the server outside the intended directory, by sending crafted HTTP requests remotely without authentication. [1, 3]
How can this vulnerability impact me?
This vulnerability allows an attacker to remotely delete arbitrary files on the affected server, potentially leading to loss of important data, disruption of services, and compromise of system integrity and availability. Since the attack requires only low privileges and no user interaction, it poses a significant security risk to systems running the vulnerable software. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring HTTP requests to the /deleteFile endpoint, specifically looking for suspicious fileName parameter values that include path traversal patterns such as '..', backslashes '\', or URL-encoded sequences. For example, you can use network traffic analysis tools like tcpdump or Wireshark to filter requests to the /deleteFile endpoint. Additionally, you can use curl commands to test the endpoint manually with crafted payloads to see if unauthorized file deletion is possible. Example curl command: curl -v 'http://<target-ip>:8012/deleteFile?fileName=..%5C..%5Csecret.txt' to test path traversal via URL encoding. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting or disabling access to the /deleteFile endpoint where possible, and applying strict input validation and sanitization to the fileName parameter so that path traversal elements such as '..', backslashes, and URL-encoded sequences are rejected. Since no official patches or mitigations are available due to the product's rolling release model, consider replacing the affected product with a more secure alternative. Additionally, monitor logs and network traffic for exploitation attempts and implement network-level protections such as firewalls or web application firewalls (WAF) to block malicious requests targeting this vulnerability. [3]
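As an added example (not code from kkFileViewOfficeEdit or from this advisory), the following Python shows the two defensive pieces the answers above describe: a fileName validator that decodes URL encoding and folds backslashes before checking containment, and a detection rule applied to constructed access-log lines. The function names, the base directory and the log lines are assumptions for illustration.

```python
import os
from urllib.parse import unquote

def canonical_name(raw):
    """Decode repeatedly (so double-encoded %252e%252e cannot slip past a
    single-pass check) and fold backslashes to '/', the bypass this CVE used."""
    decoded = raw
    for _ in range(3):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace("\\", "/")

def safe_resolve(base_dir, raw_name):
    """Return the absolute path of raw_name inside base_dir, or None when
    the value would escape the directory (CWE-22). Only bare names allowed."""
    name = canonical_name(raw_name)
    if not name or "\x00" in name or "/" in name or name in (".", ".."):
        return None
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, name))
    # Final guard: the resolved path must still sit under the base directory.
    if os.path.commonpath([base, target]) != base:
        return None
    return target

def is_traversal_attempt(raw_name):
    """Detection rule: after canonicalisation, any directory component or
    '..' segment in a fileName value is treated as a traversal attempt."""
    name = canonical_name(raw_name)
    return "/" in name or ".." in name.split("/")

# Constructed sample access-log lines (not real traffic) for the rule below.
SAMPLE_LOG = [
    '10.0.0.5 - - "GET /deleteFile?fileName=report.docx HTTP/1.1" 200',
    '10.0.0.9 - - "GET /deleteFile?fileName=..%5C..%5Csecret.txt HTTP/1.1" 200',
    '10.0.0.9 - - "GET /deleteFile?fileName=%252e%252e%2Fconfig.yml HTTP/1.1" 200',
]

def flag_log_lines(lines):
    """Return the fileName values of /deleteFile requests that look like traversal."""
    hits = []
    for line in lines:
        if "/deleteFile?fileName=" not in line:
            continue
        value = line.split("fileName=", 1)[1].split(" ", 1)[0]
        if is_traversal_attempt(value):
            hits.append(value)
    return hits
```

Running `flag_log_lines(SAMPLE_LOG)` flags the two encoded values and leaves the plain document name alone; `safe_resolve` rejects the same values before any filesystem call is made.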