CVE-2025-34181
Published: 15 December 2025
Summary
CVE-2025-34181 is a high-severity Path Traversal (CWE-22) vulnerability in Netsupportsoftware (inferred from references). Its CVSS base score is 8.7 (High).
Operationally, it ranks in the top 24.9% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
Deeper analysis
NetSupport Manager versions prior to 14.12.0001 contain an arbitrary file write vulnerability, tracked as CVE-2025-34181 and assigned CWE-22, that resides in the Connectivity Server/Gateway PUTFILE request handler. The flaw permits path traversal via specially crafted filenames, allowing writes outside intended directories on the server.
An attacker who possesses a valid Gateway Key can supply a malicious filename containing directory traversal sequences to place attacker-controlled DLLs or executables in privileged locations. Successful exploitation yields remote code execution in the context of the NetSupport Manager connectivity service, with a CVSS 4.0 score of 8.7 reflecting network-accessible attack vector, low complexity, and high impact on confidentiality, integrity, and availability.
The vendor knowledge base article on updating and securing NetSupport Manager addresses remediation steps, while independent analysis from VulnCheck and researcher write-ups provide further technical context on the path-traversal vector. The associated EPSS score rose from a low baseline to a recorded peak of 0.0162, indicating increased exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-203378
Vulnerability details
NetSupport Manager < 14.12.0001 contains an arbitrary file write vulnerability in its Connectivity Server/Gateway PUTFILE request handler. An attacker with a valid Gateway Key can supply a crafted filename containing directory traversal sequences to write files to arbitrary locations on the server. This can be leveraged to place attacker-controlled DLLs or executables in privileged paths and achieve remote code execution in the context of the NetSupport Manager connectivity service.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Mitigating Controls
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
- Validates pathnames and filenames to prevent traversal outside intended directories.
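As an added illustration of that control (example code written for this page, not NetSupport's code and not its actual PUTFILE handler), the check below treats a client-supplied filename as an opaque basename and refuses anything that could escape the upload directory. The function and parameter names are hypothetical.

```python
import os
import ntpath


def resolve_upload_path(base_dir: str, client_filename: str) -> str:
    """Return the on-disk path for a client-supplied filename, or raise ValueError.

    Hypothetical defensive check for a PUTFILE-style upload handler. The name
    may not contain separators, traversal segments, drive letters, colons
    (Windows alternate data streams) or NUL bytes, and the resolved target
    must remain inside base_dir even after symlink resolution.
    """
    if not client_filename or "\x00" in client_filename:
        raise ValueError("empty filename or NUL byte")
    # Normalise both separator styles: the server may run on Windows.
    name = client_filename.replace("\\", "/")
    if name.startswith("/") or ntpath.splitdrive(name)[0] or ":" in name:
        raise ValueError("absolute path, drive letter or colon not allowed")
    segments = name.split("/")
    if len(segments) != 1 or segments[0] in ("", ".", ".."):
        raise ValueError("path separators or traversal segments not allowed")
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, segments[0]))
    # Final containment check on the resolved path, independent of the
    # string checks above (catches anything they missed, including symlinks).
    if os.path.commonpath([base, target]) != base:
        raise ValueError("resolved path escapes upload directory")
    return target


def is_accepted(base_dir: str, client_filename: str) -> bool:
    """True if the name would be written; handy for audit logging and tests."""
    try:
        resolve_upload_path(base_dir, client_filename)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample names, as a server might receive them in PUTFILE requests.
    base = "/tmp/putfile_uploads_example"
    for sample in ["report.txt", "../../unexpected.dll", "..\\..\\unexpected.dll",
                   "C:\\unexpected.dll", "sub/report.txt", "report.txt\x00.dll"]:
        print(repr(sample), "->", "accepted" if is_accepted(base, sample) else "rejected")
```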