Directory Traversal Vulnerability in NextChat by ChatGPTNextWeb
CVE-2025-50735

7.5HIGH

Key Information:

Vendor: ChatGPTNextWeb
Status: NextChat
Vendor: CVE Published:; 3 November 2025

🔔 Create ChatGPTNextWeb Vulnerability Alert

What is CVE-2025-50735?

A directory traversal vulnerability exists in NextChat, specifically in versions up to 2.16.0, caused by the WebDAV proxy's inability to properly sanitize or reject dot path segments. This flaw allows both authenticated users and anonymous attackers to exploit the catch-all route, potentially leading to unauthorized access to sensitive information stored on the server through WebDAV endpoints.

References

https://github.com/ChatGPTNextWeb/NextChat/blob/main/app/...

https://github.com/fai1424/Vulnerability-Research/tree/ma...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 3, 2025
Vulnerability Reserved
Jun 16, 2025

JSON