CVE-2025-1336
Published: 16 February 2025
Summary
CVE-2025-1336 is a medium-severity Path Traversal (CWE-22) vulnerability in Cmseasy Cmseasy. Its CVSS base score is 4.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 28.8th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly mitigates path traversal in the imgname parameter by enforcing input validation mechanisms to restrict file paths to authorized directories.
Requires identification, reporting, and timely remediation of the path traversal flaw in deleteimg_action to eliminate the vulnerability.
Enforces least privilege to restrict access to the vulnerable admin image deletion function, limiting exploitation to only necessary low-privilege users.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Path traversal vulnerability in public-facing CMS enables exploitation (T1190) and arbitrary file deletion for indicator removal (T1070.004).
NVD Description
A vulnerability has been found in CmsEasy 7.7.7.9 and classified as problematic. Affected by this vulnerability is the function deleteimg_action in the library lib/admin/image_admin.php. The manipulation of the argument imgname leads to path traversal. The attack can be launched remotely.…
more
The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Deeper analysisAI
CVE-2025-1336 is a path traversal vulnerability (CWE-22) affecting CmsEasy version 7.7.7.9. The issue resides in the deleteimg_action function within the library file lib/admin/image_admin.php, where the imgname argument can be manipulated to traverse directories outside the intended path. This vulnerability has a CVSS v3.1 base score of 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N), classifying it as medium severity with low confidentiality impact and no impact on integrity or availability.
The vulnerability can be exploited remotely by an authenticated attacker with low privileges (PR:L), requiring only network access and low attack complexity. Successful exploitation allows the attacker to read arbitrary files on the server by leveraging the path traversal in the imgname parameter, potentially exposing sensitive configuration data, source code, or other files outside the web root.
Advisories from VulDB and a public GitHub disclosure detail the vulnerability, including a proof-of-concept exploit. The vendor was notified early but has not responded or issued a patch. Security practitioners should restrict access to the affected admin functionality, implement input validation and sanitization for file paths, and monitor for exploitation attempts using the disclosed PoC.
Details
- CWE(s)