CVE-2025-65879
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-05

Last updated on: 2025-12-12

Assigner: MITRE

Description
Warehouse Management System 1.2 contains an authenticated arbitrary file deletion vulnerability. The /goods/deleteGoods endpoint accepts a user-controlled goodsimg parameter, which is directly concatenated with the server's UPLOAD_PATH and passed to File.delete() without validation. A remote authenticated attacker can delete arbitrary files on the server by supplying directory traversal payloads.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-05
Last Modified
2025-12-12
Generated
2026-06-16
AI Q&A
2025-12-05
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65879
EUVD
EUVD-2025-201418
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
yeqifu warehouse_management_system to 1.2 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Warehouse Management System 1.2 where an authenticated user can delete arbitrary files on the server. The /goods/deleteGoods endpoint takes a user-controlled parameter called goodsimg, which is concatenated directly with the server's UPLOAD_PATH and passed to the File.delete() function without any validation. This allows a remote authenticated attacker to use directory traversal payloads to delete files outside the intended directory.

Impact Analysis

This vulnerability can allow an attacker with authentication to delete arbitrary files on the server, potentially leading to loss of important data, disruption of service, or compromising the integrity of the system by removing critical files.

Compliance Impact

The vulnerability allows authenticated attackers to delete arbitrary files on the server, including system configuration, application files, uploaded data, and logs. This can lead to denial of service or complete application failure, potentially impacting the integrity and availability of sensitive data. Such impacts could result in non-compliance with standards and regulations like GDPR and HIPAA, which require protection of data integrity and availability. However, specific compliance implications are not detailed in the provided resources. [1]

Detection Guidance

This vulnerability can be detected by monitoring for suspicious POST requests to the /goods/deleteGoods endpoint containing directory traversal payloads in the goodsimg parameter, such as sequences like '../'. A proof of concept involves sending crafted POST requests with goodsimg values like '../a.txt' or '../../../../test.txt' to check if arbitrary files can be deleted. Network monitoring tools or web application firewalls can be configured to log or block such requests. Additionally, inspecting server logs for unexpected file deletions or errors related to file access may help detect exploitation attempts. [1]

Mitigation Strategies

Immediate mitigation steps include normalizing file paths and blocking traversal sequences such as '..' in the goodsimg parameter, rejecting absolute paths, enforcing file deletion only within a predefined whitelist directory, validating that the file to be deleted is genuinely associated with the goods entry, and using server-side file ID mapping instead of accepting direct file paths from user input. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65879. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart