CVE-2025-34154
BaseFortify
Publication date: 2025-08-13
Last updated on: 2025-11-04
Assigner: VulnCheck
Description
CVSS Scores
EPSS Scores
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| synergetic_data_systems | unform_server_manager | * |
| apache | http_server | 2.4.58 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
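The CWE-22 pattern behind this CVE is easiest to see with the vulnerable path construction next to its hardened form. The block below is an added illustration, not UnForm's code and not the vendor's fix (the advisory does not describe how 10.1.12 repairs the endpoint); the log directory `/opt/unform/logs` and the function names are assumptions for the example. It uses `posixpath` so the result is the same on any platform.

```python
import posixpath

# Assumed log directory for illustration only; the advisory does not name UnForm's real path.
LOG_DIR = "/opt/unform/logs"


def naive_log_path(fl: str) -> str:
    """Vulnerable pattern (CWE-22): the 'fl' value is joined onto the log
    directory and the normalized result is used as-is, so '../' sequences
    (or an absolute path) walk out of LOG_DIR."""
    return posixpath.normpath(posixpath.join(LOG_DIR, fl))


def safe_log_path(fl: str) -> str:
    """Hardened pattern: normalize, then require the result to stay inside
    LOG_DIR. commonpath rather than startswith is used so that a sibling
    directory such as /opt/unform/logs2 cannot pass the check."""
    if "\x00" in fl:
        raise ValueError("NUL byte in file name")
    candidate = posixpath.normpath(posixpath.join(LOG_DIR, fl))
    if candidate == LOG_DIR or posixpath.commonpath([LOG_DIR, candidate]) != LOG_DIR:
        raise ValueError(f"path escapes log directory: {fl!r}")
    return candidate


def escapes_log_dir(fl: str) -> bool:
    """True when the naive join would resolve outside LOG_DIR."""
    try:
        safe_log_path(fl)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    for fl in ("unform.log", "../../../../../etc/passwd", "/etc/passwd", "sub/../app.log"):
        print(f"{fl!r:32} naive -> {naive_log_path(fl):30} escapes={escapes_log_dir(fl)}")
```

On a real filesystem resolve the candidate with `os.path.realpath` before the containment check, otherwise a symlink inside the log directory can still point outside it.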
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34154 is an unauthenticated arbitrary file read in UnForm Server Manager versions prior to 10.1.12. The log file analysis interface's 'arc' endpoint takes an 'fl' parameter naming the log file to open and uses it to build the file path without validating it or stripping traversal sequences, so an unauthenticated attacker can supply a relative path such as ../../../../../etc/passwd and read OS-level files outside the intended log directory. [1]
How can this vulnerability impact me?
This vulnerability lets an attacker read files on the server hosting UnForm Server Manager without any authentication. Readable targets include system files such as /etc/passwd, service and application configuration files, and anything else the Server Manager process can read, which may expose credentials or other sensitive data and enable follow-on attacks such as privilege escalation, data theft, or full system compromise. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Actively, you can send the request the advisory describes to the 'arc' endpoint and see whether the 'fl' parameter lets you read a file outside the log directory. Only do this against systems you are authorized to test, since the probe really reads a file from the host. For a Linux host, for example:

```shell
curl -s -X GET 'http://target:27292/arc?fl=../../../../../etc/passwd'
```

If the response body contains the contents of /etc/passwd (lines of the form root:x:0:0:...), the system is vulnerable. An error page or an empty body is not proof that the fix is present, so also confirm that the installed version is 10.1.12 or later. [1]
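For detection without touching the target, the same indicators can be checked in web or proxy logs and in the installed version. The block below is an added example, not part of the BaseFortify page or the vendor's tooling: it scans constructed Combined-Log-Format lines (sample data, not real traffic) for requests to /arc whose decoded 'fl' value contains traversal, classifies a response body as /etc/passwd-shaped for use with the curl probe above, and compares a dotted-integer version string against 10.1.12. The log format and the assumption that versions are plain dotted integers are mine, not the advisory's.

```python
import re
from typing import List, Optional, Tuple
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample access-log lines (Combined Log Format style); not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [13/Aug/2025:10:01:02 +0000] "GET /arc?fl=unform.log HTTP/1.1" 200 5120
10.0.0.9 - - [13/Aug/2025:10:02:17 +0000] "GET /arc?fl=../../../../../etc/passwd HTTP/1.1" 200 2311
10.0.0.9 - - [13/Aug/2025:10:02:18 +0000] "GET /arc?fl=..%2F..%2F..%2F..%2Fetc%2Fshadow HTTP/1.1" 200 0
10.0.0.9 - - [13/Aug/2025:10:02:19 +0000] "GET /arc?fl=....//....//etc/hosts HTTP/1.1" 200 180
10.0.0.7 - - [13/Aug/2025:10:03:00 +0000] "GET /index.html HTTP/1.1" 200 900
"""

REQUEST_RE = re.compile(r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# 'name:pw:uid:gid:' is the shape of every /etc/passwd line.
PASSWD_RE = re.compile(r"^[^:\n]+:[^:\n]*:\d+:\d+:", re.MULTILINE)
FIXED_VERSION = (10, 1, 12)   # first fixed release per the advisory


def decode_fl(target: str) -> Optional[str]:
    """Return the fully decoded 'fl' value if the request targets /arc, else None."""
    parts = urlsplit(target)
    if parts.path != "/arc":
        return None
    values = parse_qs(parts.query).get("fl")
    if not values:
        return None
    value = values[0]            # parse_qs already removed one layer of %-encoding
    for _ in range(3):           # peel double/triple encoding such as %252e%252e
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(fl: str) -> bool:
    """Flag anything that could leave the log directory: '..' anywhere
    (also catches '....//' style evasion), an absolute path, or a NUL byte."""
    return ".." in fl or fl.startswith(("/", "\\")) or "\x00" in fl


def scan_log(text: str) -> List[Tuple[str, str]]:
    """Return (client_ip, decoded_fl) for each request that abuses /arc?fl=."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        fl = decode_fl(m.group("target"))
        if fl is not None and is_traversal(fl):
            hits.append((m.group("ip"), fl))
    return hits


def looks_like_passwd(body: str) -> bool:
    """True if a response body looks like /etc/passwd, i.e. the probe returned
    the file rather than an error page."""
    return PASSWD_RE.search(body) is not None


def is_vulnerable_version(version: str) -> bool:
    """Compare numerically; a string compare would rank '10.1.9' above '10.1.12'.
    Assumes a plain dotted-integer version string."""
    parts = tuple(int(p) for p in version.split("."))
    return parts < FIXED_VERSION


if __name__ == "__main__":
    for ip, fl in scan_log(SAMPLE_LOG):
        print(f"traversal attempt from {ip}: fl={fl!r}")
```

The `..` check is deliberately loose (a legitimate name like `app..log` would be flagged); for a hunting query a false positive on this endpoint is cheap, while missing an encoded or padded traversal is not.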
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation is to upgrade UnForm Server Manager to version 10.1.12 or later, which fixes this unauthenticated file read. Until the update can be applied, restrict access to port 27292 (the Server Manager web interface port used in the test above) to trusted networks only, and review web logs for earlier requests to the 'arc' endpoint whose 'fl' parameter contains traversal sequences, since the flaw required no authentication to exploit. [1, 2]