CVE-2025-41073
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-23

Last updated on: 2025-10-30

Assigner: Spanish National Cybersecurity Institute, S.A. (INCIBE)

Description
Path Traversal vulnerability in version 4.4.2236.1 of TESI Gandia Integra Total. This issue allows an authenticated attacker to download a ZIP file containing files from the server, including those located in parent directories (e.g., ..\..\..), by exploiting the β€œdirestudio” parameter in β€œ/encuestas/integraweb[_v4]/integra/html/view/comprimir.php”.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-23
Last Modified
2025-10-30
Generated
2026-06-16
AI Q&A
2025-10-23
EPSS Evaluated
2026-06-15
NVD
CVE-2025-41073
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
tesigandia gandia_integra_total 4.4.2236.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

The immediate mitigation step is to upgrade TESI Gandia Integra Total to version 4.4.2446.2 or later, where this vulnerability has been fixed. Until the upgrade can be applied, restrict access to the vulnerable endpoint and ensure that only trusted authenticated users can access the system to reduce the risk of exploitation. [1]

Executive Summary

CVE-2025-41073 is a path traversal vulnerability in TESI Gandia Integra Total version 4.4.2236.1. It allows an authenticated attacker to exploit the β€œdirestudio” parameter in a specific PHP file to download a ZIP file containing arbitrary files from the server, including files located in parent directories by using directory traversal sequences like ..\..\.. This means the attacker can access files outside the intended directory. [1]

Impact Analysis

This vulnerability can allow an attacker with valid authentication to download sensitive or unauthorized files from the server, potentially exposing confidential data. Although it does not impact integrity or availability, the unauthorized disclosure of files can lead to information leakage and compromise of sensitive information stored on the server. [1]

Detection Guidance

This vulnerability can be detected by attempting to exploit the 'direstudio' parameter in the URL path '/encuestas/integraweb[_v4]/integra/html/view/comprimir.php' with directory traversal sequences such as '..\..\..' to see if arbitrary files can be downloaded in a ZIP file. For example, using curl or wget commands to send authenticated requests to this endpoint with crafted 'direstudio' parameter values may help detect the vulnerability. Specific commands are not provided in the resources. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-41073. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart