Cyber Resilience

CVE-2025-23011

High

Published: 23 January 2025

Published
23 January 2025
Modified
19 September 2025
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0071 48.9th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2025-23011 is a high-severity Relative Path Traversal (CWE-23) vulnerability in Fedorarepository Fcrepo. Its CVSS base score is 8.7 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 48.9th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SA-22 (Unsupported System Components) and SI-10 (Information Input Validation).

Deeper analysis

Fedora Repository 3.8.1 contains a path traversal vulnerability, also known as Zip Slip, that occurs during extraction of uploaded archive files. The flaw is tracked as CWE-23 and carries a CVSS 4.0 score of 8.7. The affected component is the archive-handling logic in this specific release, which has been unsupported since its 2015 publication.

A remote attacker who already possesses an authenticated account can upload a malicious archive containing path traversal sequences. Successful exploitation writes an arbitrary JSP file into a web-accessible directory, after which an unauthenticated GET request can execute the planted code and obtain code execution on the server.

The supplied references direct administrators to the current Fedora Repository release line and to migration utilities hosted on GitHub. They explicitly recommend moving from the unsupported 3.8.1 version to a maintained release such as 6.5.1.

The associated EPSS score remains low, with a recorded peak of only 0.0321.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives ("Zip Slip"). A remote, authenticated attacker can upload a specially crafted archive that will extract an arbitrary JSP file to a location that can be executed by an unauthenticated GET…

more

request. Fedora Repository 3.8.1 was released on 2015-06-11 and is no longer maintained. Migrate to a currently supported version (6.5.1 as of 2025-01-23).

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1505.003 Web Shell Persistence
Adversaries may backdoor web servers with web shells to establish persistent access to systems.
Why these techniques?

Path traversal in public-facing Fedora Repository archive extraction enables authenticated upload of crafted zip to write executable JSP web shell for RCE via unauthenticated GET.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-23012Same product: Fedorarepository Fcrepo
CVE-2026-8361Shared CWE-23
CVE-2026-25057Shared CWE-23
CVE-2025-25130Shared CWE-23
CVE-2026-33494Shared CWE-23
CVE-2025-7619Shared CWE-23
CVE-2026-5422Shared CWE-23
CVE-2025-55747Shared CWE-23
CVE-2026-25951Shared CWE-23
CVE-2026-1022Shared CWE-23

Affected Assets

fedorarepository
fcrepo
≤ 6.5.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Flaw remediation directly addresses the path traversal vulnerability in archive extraction by requiring updates to a supported version like 6.5.1.

prevent

Prohibits use of unsupported system components like Fedora Repository 3.8.1, which is unmaintained and vulnerable to Zip Slip exploitation.

prevent

Information input validation enforces checks on archive paths during extraction to block path traversal attempts outside intended directories.

References