Path Traversal Vulnerability in Group-Office by Intermesh BV
CVE-2025-53505

5.3MEDIUM

Key Information:

Vendor: Intermesh Bv
Status: Group-office
Vendor: CVE Published:; 21 August 2025

🔔 Create Intermesh Bv Vulnerability Alert

What is CVE-2025-53505?

Group-Office, a collaboration tool provided by Intermesh BV, is susceptible to a path traversal vulnerability that can lead to unauthorized access to sensitive data on the server. Versions before 6.8.119 and 25.0.20 are affected. If exploited, this vulnerability allows attackers to navigate the filesystem and access confidential information, posing a significant risk to the integrity and security of the data hosted on the server.

Affected Version(s)

Group-Office prior to 6.8.119

Group-Office prior to 25.0.20

References

https://www.group-office.com/

https://jvn.jp/en/jp/JVN72111431/

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2025
Vulnerability Reserved
Jul 1, 2025

JSON