Directory Traversal Vulnerability in LiquidFiles by LiquidFiles
CVE-2025-46094

3.8LOW

Key Information:

Vendor: Liquidfiles
Status: Liquidfiles
Vendor: CVE Published:; 4 August 2025

🔔 Create Liquidfiles Vulnerability Alert

What is CVE-2025-46094?

A directory traversal vulnerability exists in LiquidFiles versions before 4.1.2, allowing attackers to gain unauthorized access to the filesystem. This issue arises when a local executable file path is improperly configured in ActionScript, leading to potential exposure of sensitive files and data. Organizations utilizing affected versions are urged to update to the latest version to mitigate risks associated with this flaw.

Affected Version(s)

LiquidFiles 0 < 4.1.2

References

https://docs.liquidfiles.com/release_notes/version_4-1-x....

https://projectblack.io/blog/liquidfiles-vulnerability-au...

CVSS V3.1

Score:

3.8

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 4, 2025
Vulnerability Reserved
Apr 22, 2025

CVE-2025-46094 Data

JSON