CVE-2025-14965
Path Traversal in Yougou-Mall Upload Function Allows File Access
Publication date: 2025-12-19
Last updated on: 2025-12-19
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| yougou | yougou-mall | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-22 | The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2025-14965 is a path traversal vulnerability in the upload function of the ResourceController.java file in the yougou-mall project. The vulnerability occurs because the application uses external input to build file paths without properly sanitizing or neutralizing special path elements. This allows an attacker to manipulate the pathname to access files or directories outside the intended restricted directory, leading to unauthorized access to the file system. It is classified under CWE-22 and can impact confidentiality, integrity, and availability of the system. [1]
How can this vulnerability impact me? :
This vulnerability can lead to unauthorized access to files outside the intended directory, potentially allowing attackers to read, modify, or delete sensitive files. It can also enable remote code execution (getshell) and directory traversal attacks, compromising the confidentiality, integrity, and availability of the affected system. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unusual file upload activity, especially attempts to upload files with manipulated pathnames or unexpected file suffixes. Since the vulnerability involves path traversal via the upload function, detection can include checking logs for suspicious file paths containing traversal sequences like '../'. Network or application logs should be inspected for such patterns. Specific commands depend on the environment, but example commands include searching web server logs for path traversal patterns, e.g., using grep: `grep -r "\.\./" /var/log/your-webserver/` or monitoring upload endpoints for unexpected file suffixes. Additionally, scanning the application source code for unsafe concatenation of file paths in the upload function can help detect the vulnerability. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or restricting the upload functionality until a fix is applied, implementing strict validation and sanitization of file paths and file suffixes in the upload function to prevent path traversal and arbitrary file uploads, and monitoring for suspicious upload activity. Since no known countermeasures or patches are documented and the product uses a rolling release model without specific version details, consider replacing the affected component with an alternative product. Applying strict access controls and limiting privileges of the upload process can also reduce impact. [1, 2]