Cyber Resilience

CVE-2025-34126

HighPublic PoC

Published: 16 July 2025

Published
16 July 2025
Modified
15 April 2026
KEV Added
Patch
CVSS Score v4 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.8467 99.4th percentile
Risk Priority 68 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-34126 is a high-severity Path Traversal (CWE-22) vulnerability. Its CVSS base score is 8.7 (High).

Operationally, ranked in the top 0.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

Deeper analysis

A path traversal vulnerability exists in RIPS Scanner version 0.54. The flaw, tracked as CWE-22, resides in the windows/code.php script and permits remote attackers to supply a manipulated file parameter in HTTP GET requests, enabling arbitrary file reads on the underlying system using the web server's privileges and resulting in sensitive information disclosure. The issue carries a CVSS 4.0 score of 8.7 reflecting network attack vector, low complexity, and no required authentication or user interaction.

Unauthenticated remote attackers can exploit the vulnerability by crafting requests to the affected script, achieving read access to any file accessible by the web server process. This can expose configuration files, source code, or other sensitive data stored on the host.

Public references include a 2015 technical write-up, a Metasploit auxiliary scanner module, an Exploit-DB entry, and a VulnCheck advisory, indicating the issue has been known and weaponized for years. The associated EPSS score stands at 0.8467 with an identical recorded peak, showing sustained but not recently increasing exploitation probability.

EU & UK References

Vulnerability details

A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with…

more

a manipulated 'file' parameter. This can lead to disclosure of sensitive information.

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

RIPS Scanner
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

References