CVE-2025-10472
BaseFortify
Publication date: 2025-09-15
Last updated on: 2025-11-21
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| harry0703 | moneyprinterturbo | up to 1.2.6 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a path traversal flaw in the MoneyPrinterTurbo software (up to version 1.2.6). It occurs in the download_video and stream_video functions of the video.py file, where the file_path argument is not properly validated. This allows an attacker to manipulate the file_path parameter to access files outside the intended directory on the server. The attack can be performed remotely without authentication, enabling unauthorized reading of arbitrary files on the server. [1, 2]
How can this vulnerability impact me?
The vulnerability can impact you by allowing an attacker to remotely read sensitive files from your server without any authentication. This compromises the confidentiality of your data, potentially exposing private or critical information stored on the server. Since the exploit is publicly available and easy to execute, it poses a moderate security risk. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring requests to the `/api/v1/download/` endpoint for suspicious file_path parameters that include path traversal patterns such as '../'. Network or web server logs can be searched for such patterns. For example, using grep on access logs: `grep '\.\./' /var/log/nginx/access.log` or `grep '\.\./' /var/log/httpd/access_log`. Additionally, scanning for unusual or unauthorized file access attempts to sensitive files outside the intended directory can help detect exploitation attempts. [1, 2]
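The plain `grep '\.\./'` above misses percent-encoded (`..%2F`) and double-encoded (`%252e%252e`) forms of the same traversal. The following log scanner is an added example, not code from BaseFortify or the MoneyPrinterTurbo project: it parses combined-format access log lines, keeps only requests to the `/api/v1/download/` endpoint named on the page (the path segment after it, `task123`, is an assumed shape), fully decodes the `file_path` query parameter and flags any value that contains a `..` segment or is absolute. The log lines are constructed samples, not real traffic.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed sample lines in nginx/Apache combined log format (not real traffic).
# The task id segment after /api/v1/download/ is an assumption about the URL shape.
SAMPLE_LOG = """\
203.0.113.5 - - [15/Sep/2025:10:01:02 +0000] "GET /api/v1/download/task123?file_path=output/final.mp4 HTTP/1.1" 200 5120 "-" "curl/8.0"
203.0.113.9 - - [15/Sep/2025:10:01:07 +0000] "GET /api/v1/download/task123?file_path=../../../../app/config.toml HTTP/1.1" 200 1024 "-" "python-requests/2.31"
203.0.113.9 - - [15/Sep/2025:10:01:09 +0000] "GET /api/v1/download/task123?file_path=..%2F..%2Fconfig.toml HTTP/1.1" 200 2048 "-" "python-requests/2.31"
203.0.113.9 - - [15/Sep/2025:10:01:11 +0000] "GET /api/v1/download/task123?file_path=%252e%252e%252fapp.py HTTP/1.1" 404 0 "-" "python-requests/2.31"
198.51.100.2 - - [15/Sep/2025:10:02:00 +0000] "GET /api/v1/videos HTTP/1.1" 200 300 "-" "Mozilla/5.0"
"""

# Combined log format: client, ident, user, [timestamp], "request line", status, size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

DOWNLOAD_PREFIX = "/api/v1/download/"  # endpoint named in the advisory text


def fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded variants collapse to their plain form."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(file_path: str) -> bool:
    """True if the (possibly encoded) value escapes a base directory: '..' segment or absolute path."""
    normalized = fully_decode(file_path).replace("\\", "/")
    if normalized.startswith("/"):
        return True
    return any(segment == ".." for segment in normalized.split("/"))


def find_traversal_attempts(log_text: str) -> list[dict]:
    """Return one record per request to the download endpoint whose file_path looks like traversal."""
    hits = []
    for line in log_text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue  # not a combined-format line; skip rather than guess
        parts = urlsplit(match["target"])
        if not parts.path.startswith(DOWNLOAD_PREFIX):
            continue
        # parse_qs decodes one layer of percent-encoding; fully_decode handles the rest.
        for value in parse_qs(parts.query).get("file_path", []):
            if is_traversal(value):
                hits.append({
                    "ip": match["ip"],
                    "timestamp": match["ts"],
                    "status": match["status"],
                    "file_path": value,
                    "normalized": fully_decode(value).replace("\\", "/"),
                })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_attempts(SAMPLE_LOG):
        print(f'{hit["ip"]} {hit["timestamp"]} status={hit["status"]} file_path={hit["file_path"]!r} -> {hit["normalized"]!r}')
```

Run it against a real log with `find_traversal_attempts(open("/var/log/nginx/access.log").read())`; a hit with a 200 status and a non-zero response size is the case to treat as a likely successful read, while 404s still show that someone is probing the parameter.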
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected MoneyPrinterTurbo software version 1.2.6 with an alternative product or a patched version if available. Since no known countermeasures or mitigations have been reported, restricting access to the vulnerable endpoint, implementing web application firewall (WAF) rules to block path traversal patterns in the file_path parameter, and monitoring for exploitation attempts are recommended as temporary measures. [2]
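For the code-level fix, the defect described above is a `file_path` parameter joined onto a base directory without checking where the result ends up. The example below is added here and is not the project's patch or its `video.py`: `vulnerable_download_path` shows the unchecked-join pattern the advisory describes (a hypothetical stand-in), and `resolve_under` is the containment check that should replace it, resolving both the base directory and the candidate and rejecting anything, including `..` segments, absolute paths and escaping symlinks, that lands outside the base. The directory layout (`storage/tasks`) and file names in `demo` are constructed for the example.

```python
import os
import tempfile
from pathlib import Path


class UnsafePath(ValueError):
    """Raised when a user-supplied path would resolve outside the allowed directory."""


def vulnerable_download_path(base_dir: Path, file_path: str) -> Path:
    """Hypothetical stand-in for the flawed pattern: the parameter is joined with no containment check.

    A '..' segment or an absolute file_path walks straight out of base_dir.
    """
    return base_dir / file_path


def resolve_under(base_dir: Path, user_path: str) -> Path:
    """Return the absolute path for user_path only if it stays inside base_dir.

    Assumes the web framework has already percent-decoded the query parameter.
    Both sides are resolved (symlinks followed, '..' collapsed) before the check,
    so encoded dots, absolute paths and symlinks pointing outside are all refused.
    """
    base = base_dir.resolve()
    candidate = (base / user_path).resolve()
    if candidate == base:
        raise UnsafePath("refusing the base directory itself")
    try:
        candidate.relative_to(base)
    except ValueError:
        raise UnsafePath(f"refusing path outside {base}: {user_path!r}") from None
    return candidate


def demo() -> dict:
    """Build a throw-away tasks directory and exercise both functions; returns labelled outcomes."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        tasks = root / "storage" / "tasks"
        tasks.mkdir(parents=True)
        (tasks / "final.mp4").write_bytes(b"\x00" * 16)
        secret = root / "secret.txt"  # constructed file that must never be served
        secret.write_text("not for download")

        results = {"legit": resolve_under(tasks, "final.mp4").name}
        cases = {
            "relative": "../secret.txt",          # one level up (storage/)
            "deeper": "../../secret.txt",         # two levels up (root)
            "absolute": str(secret),              # absolute path replaces the base on join
        }
        # A symlink inside the base that points outside must also be refused.
        try:
            os.symlink(secret, tasks / "link.txt")
            cases["symlink"] = "link.txt"
        except OSError:
            results["symlink"] = "skipped"  # platform does not allow creating symlinks here
        for label, value in cases.items():
            try:
                resolve_under(tasks, value)
                results[label] = "allowed"
            except UnsafePath:
                results[label] = "blocked"
        # The unchecked join lands on the secret file; this is what the check prevents.
        results["unchecked"] = vulnerable_download_path(tasks, "../../secret.txt").resolve() == secret.resolve()
        return results


if __name__ == "__main__":
    for label, outcome in demo().items():
        print(f"{label}: {outcome}")
```

Apply the check at the point where `file_path` is turned into a filesystem path, and keep the served directory dedicated to downloadable output so that the containment rule has a narrow base to enforce. A WAF rule that blocks `..` in the parameter is a useful stopgap, but it is a second layer; the resolve-then-compare check is what makes the handler correct regardless of encoding tricks.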