Cyber Resilience

CVE-2025-11631

Severity: Low · Public PoC

Published: 12 October 2025
Modified: 29 April 2026
KEV Added: not listed
Patch: none available
CVSS v4.0 score: 2.1 (Low)
CVSS v4.0 vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS score: 0.0016 (36.6th percentile)
Risk Priority: 4 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-11631 is a low-severity Path Traversal (CWE-22) vulnerability in DocSys (listed under the vendor name Docsys Project; the code base is RainyGao DocSys). Its CVSS v4.0 score is 2.1 (Low).

Operationally, exploitation aligns with the MITRE ATT&CK technique File Deletion (T1070.004). EPSS ranks it at the 36.6th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and AC-3 (Access Enforcement).

Deeper analysis

CVE-2025-11631 is a path traversal vulnerability (CWE-22) in RainyGao DocSys versions up to and including 2.02.36. The flaw sits in an unspecified function behind the /Doc/deleteDoc.do endpoint: the "path" request argument is used to locate the file to delete without being confined to the document directory, so traversal sequences in it reach files outside the intended scope.

The vulnerability is exploitable over the network (AV:N) with low attack complexity (AC:L), requires low privileges (PR:L) and no user interaction (UI:N). Successful exploitation has low impact on integrity (I:L) and availability (A:L), no confidentiality impact (C:N) and unchanged scope (S:U), giving a CVSS v3.1 base score of 5.4 (Medium); the 2.1 shown in the header is the v4.0 score with the Exploit Maturity metric (E:P) applied. In practice, any authenticated user with minimal access can use the traversal to delete arbitrary files the application process can write to.

Advisories note that the vendor was contacted early about the issue but did not respond, and no patch or official mitigation is available. The references (a VulDB entry and GitHub repositories) include a public proof-of-concept exploit that demonstrates arbitrary file deletion, so exploitation attempts should be assumed possible.

Vulnerability details

A vulnerability was determined in RainyGao DocSys up to 2.02.36. Affected by this vulnerability is an unknown functionality of the file /Doc/deleteDoc.do. Executing manipulation of the argument path can lead to path traversal. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

CWE(s): CWE-22 (Path Traversal)

Related Threats

MITRE ATT&CK Enterprise Techniques

T1070.004 File Deletion (Stealth)
Adversaries may delete files left behind by the actions of their intrusion activity.
T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Path traversal in /Doc/deleteDoc.do enables exploitation of a public-facing web application (T1190) for arbitrary remote file deletion (T1070.004), impacting integrity and availability. Because the vector is PR:L, the attacker first needs a valid low-privilege DocSys account; the traversal then lets that account delete files the application process can write to, not just its own documents.
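Detection logic for the pattern above, added here as an example and not taken from the page or the DocSys project: it scans web-server access-log lines for requests to the deleteDoc.do endpoint whose "path" parameter carries a traversal sequence, decoding repeatedly so double-encoded and backslash variants are caught. The log lines are constructed for this example; only the endpoint and the parameter name come from the advisory, and "/Doc/otherAction.do" is a placeholder for any other endpoint.

```python
"""Constructed example: flag path-traversal attempts against the
deleteDoc.do endpoint in web-server access logs. The log lines below are
made up for the example; only the endpoint and the "path" parameter
name come from the advisory."""
import re
from typing import Dict, List
from urllib.parse import parse_qs, unquote, urlsplit

# Common/combined log format: client, ident, user, [timestamp], "METHOD target PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# A ".." segment bounded by a separator (or the start/end of the value).
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')

# Constructed sample: one legitimate delete, three traversal attempts on
# deleteDoc.do (plain, double-encoded, backslash), one on another endpoint.
SAMPLE_LOG = [
    '203.0.113.7 - alice [12/Oct/2025:10:01:02 +0000] "GET /Doc/deleteDoc.do?docId=12&path=reports%2Fq3.pdf HTTP/1.1" 200 17',
    '203.0.113.9 - bob [12/Oct/2025:10:02:15 +0000] "POST /Doc/deleteDoc.do?docId=12&path=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 17',
    '203.0.113.9 - bob [12/Oct/2025:10:02:40 +0000] "POST /Doc/deleteDoc.do?docId=12&path=%252e%252e%252f%252e%252e%252fconf%252fapp.xml HTTP/1.1" 200 17',
    '198.51.100.4 - - [12/Oct/2025:10:03:01 +0000] "GET /Doc/otherAction.do?path=..%2F..%2Fetc%2Fpasswd HTTP/1.1" 403 0',
    '203.0.113.9 - bob [12/Oct/2025:10:04:00 +0000] "POST /Doc/deleteDoc.do?docId=12&path=..%5C..%5Cconf%5Cserver.xml HTTP/1.1" 500 0',
]


def deep_unquote(value: str, rounds: int = 3) -> str:
    """Percent-decode until the value is stable so double encoding
    (%252e -> %2e -> .) does not slip past the pattern match."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(value: str) -> bool:
    """True when the decoded value contains a ".." path segment; backslashes
    are treated as separators because Windows hosts accept them."""
    normalised = deep_unquote(value).replace("\\", "/")
    return TRAVERSAL_RE.search(normalised) is not None


def flag_delete_traversal(log_lines: List[str]) -> List[Dict[str, str]]:
    """Return one record per request to /Doc/deleteDoc.do whose "path"
    query parameter contains a traversal sequence."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m["target"])
        if not url.path.lower().endswith("/doc/deletedoc.do"):
            continue
        # parse_qs applies one round of decoding; deep_unquote handles the rest.
        for raw in parse_qs(url.query, keep_blank_values=True).get("path", []):
            if is_traversal(raw):
                hits.append({
                    "ip": m["ip"], "user": m["user"], "ts": m["ts"],
                    "status": m["status"], "path": deep_unquote(raw),
                })
    return hits


if __name__ == "__main__":
    for hit in flag_delete_traversal(SAMPLE_LOG):
        print(hit)
```

Access logs only carry the query string, so a "path" value sent in a POST body is invisible to this check; for that you need the application's own request logging or a WAF that inspects bodies. Matching on the decoded value rather than on the literal "../" is what makes the double-encoded and backslash lines in the sample show up.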

CVEs Like This One

CVE-2025-11630 · Same product: Docsys Project Docsys
CVE-2025-15492 · Same product: Docsys Project Docsys
CVE-2025-15494 · Same product: Docsys Project Docsys
CVE-2025-15493 · Same product: Docsys Project Docsys
CVE-2026-3666 · Shared CWE-22
CVE-2018-25308 · Shared CWE-22
CVE-2026-22460 · Shared CWE-22
CVE-2025-69377 · Shared CWE-22
CVE-2025-14850 · Shared CWE-22
CVE-2025-26752 · Shared CWE-22

Affected Assets

Docsys Project · DocSys · versions ≤ 2.02.36

Mitigating Controls (NIST 800-53 r5)

SI-10 Information Input Validation (prevent)

Validate the path argument on /Doc/deleteDoc.do before any delete is attempted: canonicalise it and reject anything that resolves outside the document directory, rather than only searching for a literal "../" (encoded and backslash forms would pass that).

AC-3 Access Enforcement (prevent)

Enforce access-control policy on the file-system operation itself, so that even a path that survives validation cannot result in an unauthorized deletion.

AC-6 Least Privilege (prevent)

Limit authenticated users to the minimum privileges needed, so a low-privilege account has no standing to delete files outside its own documents; running the application process with write access only to the document directory limits what any traversal can reach.
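An illustration of the first two controls, added here and not taken from DocSys (which is a Java application; this is Python so the check can be run directly): a delete handler that trusts the caller's path, beside one that canonicalises the path and checks it stays under the document root (SI-10), then checks ownership before deleting (AC-3). The handler names, the temporary directory layout and the in-memory ownership map are assumptions for the example; the vulnerable handler shows the CWE-22 pattern the advisory describes, not DocSys's actual code.

```python
"""Constructed example: a path-trusting delete handler beside a hardened
one. Not DocSys code; handler names, directory layout and the in-memory
ownership map are assumptions for illustration."""
import os
import shutil
import tempfile
from pathlib import Path
from typing import Dict, Optional, Union


def delete_unsafe(doc_root: Union[str, Path], user_path: str) -> bool:
    """CWE-22 pattern: the caller-supplied path is joined to the document
    root without validation, so "../" climbs out of it."""
    target = Path(os.path.join(str(doc_root), user_path))
    if target.is_file():
        target.unlink()
        return True
    return False


def resolve_in_root(doc_root: Union[str, Path], user_path: str) -> Optional[Path]:
    """SI-10 style validation: canonicalise the joined path (collapses "..",
    follows symlinks) and accept it only if it is still under the canonical
    root. Absolute inputs, "../" and symlink escapes all fail containment."""
    root = Path(doc_root).resolve()
    # An absolute user_path makes `root / user_path` drop root entirely,
    # which the containment check below then rejects.
    candidate = (root / user_path).resolve()
    try:
        candidate.relative_to(root)
    except ValueError:
        return None
    return candidate


def delete_hardened(doc_root: Union[str, Path], user_path: str,
                    requester: str, owners: Dict[str, str]) -> bool:
    """Validation plus AC-3 style access enforcement: a path that passes
    containment is deleted only if the requester owns it. `owners` maps the
    canonical file path to its owner (an assumed stand-in for a real ACL)."""
    target = resolve_in_root(doc_root, user_path)
    if target is None or not target.is_file():
        return False
    key = str(target)
    if owners.get(key) != requester:
        return False
    target.unlink()
    owners.pop(key, None)
    return True


def demo() -> Dict[str, bool]:
    """Exercise both handlers on a throw-away tree: docs/a.txt inside the
    document root and secret.conf one level above it."""
    base = Path(tempfile.mkdtemp())
    try:
        root = base / "docs"
        root.mkdir()
        (root / "a.txt").write_text("alice's document")
        outside = base / "secret.conf"
        outside.write_text("do not delete")
        owners = {str((root / "a.txt").resolve()): "alice"}

        results = {
            "hardened_blocked_traversal": not delete_hardened(root, "../secret.conf", "alice", owners),
            "hardened_rejected_wrong_owner": not delete_hardened(root, "a.txt", "bob", owners),
            "hardened_deleted_own_file": delete_hardened(root, "a.txt", "alice", owners),
        }
        results["outside_survived_hardened"] = outside.is_file()
        results["unsafe_deleted_outside"] = delete_unsafe(root, "../secret.conf")
        results["outside_survived_unsafe"] = outside.is_file()
        return results
    finally:
        shutil.rmtree(base, ignore_errors=True)


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The Java equivalent is to compare the file's canonical path (File.getCanonicalPath() or Path.toRealPath()) against the canonical document root and refuse anything that does not start with it. Canonicalise-then-compare is the check to rely on; a denylist of "../" strings misses encoded and backslash variants, and the ownership check is what keeps a contained path from deleting another user's document.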
