8.7

CVE-2025-53880

susemanager-tftpsync-recv allows arbitrary file creation and deletion due to path traversal

A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list of allowed IP addresses.
Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).
HerstellerSUSE
Produkt Container suse/manager/4.3/proxy-httpd:latest
Default Statusunaffected
Version ?
Version < 4.3.11-150400.3.15.3
Status affected
HerstellerSUSE
Produkt Container suse/manager/5.0/x86_64/proxy-httpd:latest
Default Statusunaffected
Version ?
Version < 5.0.3-150600.3.6.4
Status affected
HerstellerSUSE
Produkt Container suse/multi-linux-manager/5.1/x86_64/proxy-httpd:latest
Default Statusunaffected
Version ?
Version < 5.1.3-150700.3.3.3
Status affected
HerstellerSUSE
Produkt SUSE Manager Proxy LTS 4.3
Default Statusunaffected
Version ?
Version < 4.3.11-150400.3.15.3
Status affected
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.43% 0.628
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
meissner@suse.de 8.7 0 0
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
CWE-35 Path Traversal: '.../...//'

The product uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize '.../...//' (doubled triple dot slash) sequences that can resolve to a location that is outside of that directory.