CVE-2025-49153NVD

Vulnerability Summary

The affected products could allow an unauthenticated attacker to overwrite files and execute arbitrary code.

Severity Level

CRITICAL(9.3)

Published Date

Jun 25, 2025

Last Modified

Jul 17, 2025

Exploitation Status

????

EPSS Score (30-Day)

Data Pending

Root Weakness (CWE)

CWE-22: Path Traversal ↗

The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory.

CVSS v4.0 Base Metrics

Attack VectorNetwork

Attack ComplexityLow

Privileges RequiredNone

User InteractionNone

External References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-175-07

Critical Alert 1 Active Exploit Detected Today

CVE Watchtower

CVE-2025-49153NVD

Vulnerability Summary

External References