CVE-2025-54769
Published: 29 July 2025
Summary
CVE-2025-54769 is a high-severity Path Traversal: '../filedir' (CWE-24) vulnerability in Xorux Lpar2Rrd. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 7.1% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-6 (Least Privilege) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-54769 is a path traversal vulnerability affecting an application that permits file uploads and relies on Perl modules. An authenticated read-only user can combine an upload with directory traversal to write an arbitrary file to any location on the server, including locations that overwrite existing Perl modules.
An attacker with read-only credentials can exploit the flaw over the network without user interaction to place a malicious module that the application subsequently loads, resulting in remote code execution with impacts on confidentiality, integrity, and availability. The CVSS 3.1 base score of 8.8 reflects the low attack complexity and the privilege escalation from read-only to full system control.
Public advisories referenced at korelogic.com, lpar2rrd.com, and seclists.org detail the issue and are the primary sources for patch or configuration guidance. The associated EPSS score has remained flat at 0.0934 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-22956
Vulnerability details
An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote…
more
code execution (RCE) by an attacker.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Direct RCE via authenticated file upload + directory traversal in public-facing web app (LPAR2RRD).
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Validates uploaded file names and paths to directly prevent directory traversal and unrestricted file placement exploits.
Enforces least privilege to deny read-only authenticated users the ability to perform file upload and write operations.
Restricts unauthorized information inputs such as file uploads for read-only users, blocking the initial exploitation vector.