Cyber Resilience

CVE-2025-53534

Severity: High
Published: 05 August 2025
Modified: 15 April 2026
KEV Added: not listed
Patch: available (fixed in version 2.5.6)
CVSS v4 Score: 7.7
CVSS v4 Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0230 (85.1th percentile)
Risk Priority: 17 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-53534 is a high-severity Authentication Bypass by Primary Weakness (CWE-305) vulnerability. Its CVSS base score is 7.7 (High).

Operationally, it ranks in the top 14.9% of CVEs by exploit likelihood (EPSS); it is not currently listed in the CISA KEV catalog.

Deeper analysis

RatPanel, a server operation and maintenance management panel, contains an authentication bypass vulnerability in versions 2.3.19 through 2.5.5. The flaw stems from improper use of the CleanPath middleware in the github.com/go-chi/chi package, which fails to sanitize r.URL.Path and allows path misinterpretation. This leads to remote code execution or full host takeover, along with broader unauthorized access, when an attacker reaches the backend login endpoint. The issue is tracked under CWE-305 and was corrected in version 2.5.6.

An attacker who first discovers or brute-forces the panel's backend login path can exploit the vulnerability without valid credentials. Successful exploitation grants the ability to run arbitrary system commands on the RatPanel host or seize control of any servers managed through the panel.

Public advisories and the associated patch release recommend immediate upgrade to RatPanel 2.5.6. The fix is detailed in the project commit ed5c74c and the GitHub Security Advisory GHSA-fm3m-jrgm-5ppg.

The EPSS score has remained flat at 0.0230 with no observed increase after disclosure.

EU & UK References

Vulnerability details

RatPanel is a server operation and maintenance management panel. In versions 2.3.19 through 2.5.5, when an attacker obtains the backend login path of RatPanel (including but not limited to weak default paths, brute-force cracking, etc.), they can execute system commands or take over hosts managed by the panel without logging in. In addition to this remote code execution (RCE) vulnerability, the flawed code also leads to unauthorized access. RatPanel uses the CleanPath middleware provided by the github.com/go-chi/chi package to clean URLs, but the middleware does not process r.URL.Path, which can cause the paths to be misinterpreted. This is fixed in version 2.5.6.
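The root cause described above, illustrated with added code that is neither RatPanel's nor chi's own: chi's CleanPath middleware normalizes only the path it routes on and leaves r.URL.Path untouched, so any access check that reads r.URL.Path (assumed here as a hypothetical check, since the panel's actual middleware is not shown on this page) can judge a different string from the one the router matched. The stdlib-only Go below gives a detector for such mismatched requests and a hardening middleware that rewrites r.URL.Path itself so routing and authorization agree; the sample paths are constructed and are not RatPanel's routes.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
	"path"
)

// cleanRequestPath applies path.Clean, the rule chi's CleanPath uses for its
// routing path but not for r.URL.Path; an empty path becomes "/" rather than ".".
func cleanRequestPath(raw string) string {
	if raw == "" {
		return "/"
	}
	return path.Clean(raw)
}

// PathMismatch reports whether a raw path differs from its cleaned form: the router
// would match one string while a check reading r.URL.Path judges another.
func PathMismatch(raw string) bool {
	return cleanRequestPath(raw) != raw
}

// NormalizePath is the hardening middleware: it rewrites r.URL.Path before any
// downstream code runs, so authentication, allow-lists and routing agree.
func NormalizePath(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		r.URL.Path = cleanRequestPath(r.URL.Path)
		r.URL.RawPath = "" // drop an encoded form that could disagree with Path
		next.ServeHTTP(w, r)
	})
}

// seenPath sends one constructed request through NormalizePath and returns the
// path the downstream handler observed.
func seenPath(rawPath string) string {
	var got string
	h := NormalizePath(http.HandlerFunc(func(_ http.ResponseWriter, r *http.Request) {
		got = r.URL.Path
	}))
	h.ServeHTTP(httptest.NewRecorder(), httptest.NewRequest(http.MethodGet, rawPath, nil))
	return got
}

func main() { // constructed sample paths, not RatPanel's real routes
	for _, p := range []string{"/app//status", "/app/../status", "/app/status"} {
		fmt.Printf("%-16s mismatch=%-5v handler sees %s\n", p, PathMismatch(p), seenPath(p))
	}
}
```

A request flagged by PathMismatch is worth logging even after NormalizePath is in place, since a client that sends such paths against a management panel is probing for exactly this class of confusion.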

CWE(s)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

RatPanel versions 2.3.19 through 2.5.5 (inferred from references and description; NVD did not file a CPE for this CVE).

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References