Path Traversal Vulnerability in SS1 by DOS
CVE-2025-54819

7.1HIGH

Key Information:

Vendor: Dos Co., Ltd.
Status: Ss1; Ss1 Cloud
Vendor: CVE Published:; 28 August 2025

🔔 Create Dos Co., Ltd. Vulnerability Alert

What is CVE-2025-54819?

A Path Traversal vulnerability exists in the SS1 product line that could allow an authenticated remote attacker to exploit improperly restricted pathnames to gain access to sensitive files. This could lead to the unintended overwriting of legitimate files, posing significant risks to data integrity. Users of SS1 versions earlier than 16.0.0.10 and Media version 16.0.0a are particularly at risk and should ensure proper updates and configurations to mitigate this issue.

Affected Version(s)

SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier)

SS1 Cloud Ver.2.1.3 and earlier

References

https://www.dos-osaka.co.jp/news/2025/08/250827.html

https://jvn.jp/en/jp/JVN99577552/

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

CVSS V3.0

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2025
Vulnerability Reserved
Aug 25, 2025