Cyber Posture

CVE-2025-70028

High

Published: 09 March 2026

Modified: 01 April 2026
KEV Added: not listed
Patch: (no entry)
CVSS Score: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0007 (20.6th percentile)
Risk Priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-70028 is a high-severity Path Traversal (CWE-22) vulnerability in Sunbird Sunbirded-Portal. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 20.6th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique.
Threat & Defense Details

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1499.004 Application or System Exploitation (Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

Path traversal in a public-facing portal directly enables remote exploitation (T1190), resulting in application or system denial of service via exploitation (T1499.004).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

Deeper analysis (AI)

CVE-2025-70028 is a path traversal vulnerability (CWE-22: Improper Limitation of a Pathname to a Restricted Directory) discovered in Sunbird-Ed SunbirdEd-portal version 1.13.4. Published on 2026-03-09, it carries a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H), indicating high severity primarily due to its potential for significant availability disruption.

Unauthenticated attackers can exploit this vulnerability remotely over the network with low attack complexity and without user interaction. Exploitation yields denial-of-service impact, such as crashing services or exhausting resources; confidentiality and integrity are unaffected, since the CVSS vector records no C or I impact.

Mitigation details and advisories are referenced in the following resources: https://gist.github.com/zcxlighthouse/5efe962621a260331fc95ccbfb7f9e7f, https://github.com/Sunbird-Ed, and https://github.com/Sunbird-Ed/SunbirdEd-portal. Security practitioners should review these for patch availability or workarounds specific to the affected component.

Details

CWE(s)

Affected Products

Vendor: sunbird
Product: sunbirded-portal
Version: 1.13.4

CVEs Like This One

CVE-2025-70030: same product (Sunbird Sunbirded-Portal)
CVE-2025-70027: same product (Sunbird Sunbirded-Portal)
CVE-2025-70031: same product (Sunbird Sunbirded-Portal)
CVE-2025-70029: same product (Sunbird Sunbirded-Portal)
CVE-2025-70952: shared CWE-22
CVE-2025-3356: shared CWE-22
CVE-2026-31886: shared CWE-22
CVE-2025-59384: shared CWE-22
CVE-2025-15031: shared CWE-22
CVE-2026-7213: shared CWE-22

References