CVE-2025-8753
BaseFortify
Publication date: 2025-08-09
Last updated on: 2026-04-29
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| linlinjava | litemall | up to and including 1.8.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8753 is a critical path traversal vulnerability in the linlinjava Litemall system (up to version 1.8.0) affecting the /admin/storage/delete endpoint. The 'key' parameter, which names the file to be deleted, is used without proper validation or sanitization, so an authenticated user with delete permissions can supply an arbitrary file path, including paths to critical system files, resulting in arbitrary file deletion on the server. [1, 3]
How can this vulnerability impact me?
This vulnerability allows attackers with valid credentials and delete permissions to delete any file on the server, including critical system or application files. The impact includes denial of service due to loss of important files, potential system instability, and facilitation of further attacks or privilege escalation. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Exploitation attempts can be detected by monitoring for POST requests to the /admin/storage/delete endpoint whose JSON body carries a "key" value containing path traversal sequences such as "../". Web server access logs record the request path but normally not the JSON body, so a search over access logs such as grep '/admin/storage/delete' access.log | grep 'key=.*\.\./' only finds traversal sequences that appear in the query string; to inspect the body itself, use network monitoring tools or application-level request logging. Additionally, inspecting application logs for delete operations with unusual file paths can help detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting or disabling the /admin/storage/delete endpoint where possible, especially for users who do not require delete permissions, and ensuring that only trusted, authenticated users with the proper permissions can reach it. Validate and sanitize the "key" parameter to prevent path traversal, for example by enforcing an allowlist of permitted file paths or by canonicalizing the path and confirming it remains inside the storage directory before deletion. If a patch or updated version of Litemall is available, apply it promptly; if no patch exists, consider replacing the affected component with an alternative product, as no known countermeasures currently exist. [1, 2]
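As an added example (not litemall's own code), the Java helper below shows the canonicalize-and-confine check described above for a delete-by-key operation: the class name, the storage root and the method names are assumptions.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;

/** Example only: confines a user-supplied "key" to a fixed storage directory before deleting. */
public final class SafeStorageDelete {
    // Hypothetical storage root; in a real deployment this comes from configuration.
    private final Path storageRoot;

    public SafeStorageDelete(Path storageRoot) throws IOException {
        // toRealPath() resolves symlinks and ".." so later comparisons use a canonical root.
        this.storageRoot = storageRoot.toRealPath();
    }

    /** Returns the canonical file path for key if it stays inside storageRoot, otherwise throws. */
    public Path resolveKey(String key) throws IOException {
        if (key == null || key.isEmpty() || key.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("invalid key");
        }
        // Build the candidate path and normalize it so "../" segments collapse before the check.
        // An absolute key such as "/etc/passwd" replaces the root on resolve() and is rejected below.
        Path candidate = storageRoot.resolve(key).normalize();
        if (!candidate.startsWith(storageRoot) || candidate.equals(storageRoot)) {
            throw new SecurityException("key escapes storage root: " + key);
        }
        // Resolve symlinks as well, so a link inside the root cannot point at a file outside it.
        Path real = candidate.toRealPath();
        if (!real.startsWith(storageRoot)) {
            throw new SecurityException("key resolves outside storage root: " + key);
        }
        return real;
    }

    /** Deletes the file named by key; returns false if it does not exist or is not a regular file. */
    public boolean delete(String key) throws IOException {
        Path target;
        try {
            target = resolveKey(key);
        } catch (NoSuchFileException missing) {
            return false;
        }
        if (!Files.isRegularFile(target)) {
            return false;   // directories and special files inside the root are never deleted
        }
        return Files.deleteIfExists(target);
    }
}
```

Keys such as "../../etc/passwd" or "/etc/passwd" are rejected with a SecurityException before any filesystem write, while "images/a.png" inside the root resolves normally.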