CVE-2025-2917
Published: 28 March 2025
Description
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
Security Summary
CVE-2025-2917 is a path traversal vulnerability classified under CWE-22, affecting ChestnutCMS versions up to 1.5.3. The issue resides in the readFile function within the /dev-api/cms/file/read endpoint, where manipulation of the filePath argument enables directory traversal. Published on 2025-03-28, it carries a CVSS v3.1 base score of 4.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N), rated as problematic.
An attacker with low privileges can exploit this vulnerability remotely over the network with low complexity and no user interaction required. Successful exploitation allows arbitrary file reads on the server, resulting in limited disclosure of sensitive information due to the low confidentiality impact.
Advisories referenced in VulDB (ctiid.301890, id.301890, submit.520933) and a Notion page detailing the arbitrary file read vulnerability provide further technical analysis and exploit information. No specific patch or mitigation details are outlined in the core CVE description.
The exploit has been publicly disclosed and may be used by attackers.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a remote path traversal in a public-facing web application (enables T1190 Exploit Public-Facing Application) that directly allows arbitrary file reads from the local system (enables T1005 Data from Local System).