Path Traversal Vulnerability in Seventh D-Guard HTTP GET Request Handler
CVE-2025-1357

5.3MEDIUM

Key Information:

Vendor
Seventh
Status
D-guard
Vendor
CVE Published:
16 February 2025

Summary

A problematic vulnerability has been identified in the Seventh D-Guard, specifically within the HTTP GET Request Handler. This vulnerability enables path traversal, allowing an attacker to manipulate file paths and potentially gain unauthorized access to sensitive resources. The incident can be exploited remotely, posing significant security risks to affected systems. Despite the disclosure of the vulnerability to the vendor, no response has been received, increasing the urgency for users to assess their security measures.

Affected Version(s)

D-Guard 20250206

References

https://vuldb.com/?id.295965
vdb-entry
https://vuldb.com/?ctiid.295965
signaturepermissions-required
https://vuldb.com/?submit.496137
third-party-advisory

CVSS V4

Score:
5.3
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

c4ng4c3ir0 (VulDB User)
.