Security Flaw in Pingvin Share File Sharing Platform by Stonith404
CVE-2025-22137

Currently unrated

Key Information:

Vendor: Stonith404
Status: Pingvin Share
Vendor: CVE Published:; 8 January 2025

What is CVE-2025-22137?

An issue in Pingvin Share permits both authenticated and anonymous users (if allowed) to overwrite arbitrary files on the server through HTTP POST requests. This includes the potential to compromise sensitive system files, posing a significant risk to file integrity. The vulnerability has been rectified in version 1.4.0.

References

https://github.com/stonith404/pingvin-share/commit/6cf5c6...

https://github.com/stonith404/pingvin-share/commit/c52ec7...

https://github.com/stonith404/pingvin-share/security/advi...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 8, 2025

CVE-2025-22137 Data

JSON