CVE-2025-55295
BaseFortify
Publication date: 2025-08-19
Last updated on: 2025-08-20
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| stuffanthings | qbit_manage | 4.5.4 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a path traversal flaw in qBit Manage's web API, specifically in the restore_config_from_backup endpoint. Authenticated users can exploit it by manipulating the backup_id parameter with path traversal sequences (like ../) to bypass directory restrictions and read arbitrary files from the server's filesystem.
How can this vulnerability impact me? :
An attacker who is authenticated can read sensitive or critical files from the server hosting qBit Manage, potentially exposing confidential information or configuration data. This can lead to information disclosure without altering or damaging the system.
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to upgrade qBit Manage to version 4.5.4 or later, where the path traversal vulnerability in the restore_config_from_backup endpoint has been fixed. Additionally, restrict access to the web API to trusted authenticated users only to reduce risk.