CVE-2025-53880
Published: 30 October 2025
Summary
CVE-2025-53880 is a high-severity Path Traversal: '.../...//' (CWE-35) vulnerability in Suse (inferred from references). Its CVSS base score is 8.7 (High).
Operationally, ranked in the top 36.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-36998
Vulnerability details
A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access…
more
is restricted to a list of allowed IP addresses.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.