CVE-2025-65287

Severity CVSS v4.0:

Pending analysis

Type:

Unavailable / Other

Publication date:

09/12/2025

Last modified:

09/12/2025

Description

An unauthenticated directory traversal vulnerability in cgi-bin/upload.cgi in SNMP Web Pro 1.1 allows a remote attacker to read arbitrary files. The CGI concatenates the user-supplied params directly onto the base path (/var/www/files/userScript/) using memcpy + strcat without validation or canonicalization, enabling ../ sequences to escape the intended directory. The download branch also echoes the unsanitized params into Content-Disposition, introducing header-injection risk.

Impact

References to Advisories, Solutions, and Tools

https://damiri.fr/en/cve/CVE-2025-65287