CVE-2025-0401

5.3 MEDIUM

📋 TL;DR

This path traversal vulnerability in the Reggie 1.0 application lets attackers access arbitrary files on the server by manipulating the 'name' parameter of the download function. Remote attackers can exploit it to read sensitive system files. All systems running the vulnerable version are affected.

💻 Affected Systems

Products:
  • reggie
Versions: 1.0
Operating Systems: All platforms running Java
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the CommonController.java file in the download function. Any deployment using the vulnerable code is affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server compromise through reading sensitive configuration files, credentials, or system files leading to further exploitation.

🟠 Likely Case: Unauthorized access to sensitive application files, configuration data, or user information stored on the server.

🟢 If Mitigated: Limited impact with proper file system permissions and input validation in place.

🌐 Internet-Facing: HIGH - Remote exploitation possible with public exploit available.
🏢 Internal Only: MEDIUM - Internal attackers could still exploit it, but they need network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit disclosed in GitHub issues. Simple path traversal attack requiring minimal technical skill.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: Yes

Instructions:

1. Check GitHub repository for patches.
2. Apply input validation to sanitize 'name' parameter.
3. Implement proper path normalization.
4. Restart application after changes.
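
An added example (not Reggie's own code) of steps 2 and 3: resolve the 'name' parameter against a fixed download directory, normalize it, and refuse anything that lands outside that directory. The class name SafeDownloadResolver and the temporary sample directory are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.InvalidPathException;
import java.nio.file.Path;
import java.nio.file.Paths;

/** Hypothetical helper; the names and base directory are assumptions, not Reggie's code. */
public final class SafeDownloadResolver {
    private final Path baseDir;
    public SafeDownloadResolver(String baseDir) throws IOException {
        // Resolve symlinks once so later containment checks compare real paths.
        this.baseDir = Paths.get(baseDir).toRealPath();
    }
    /** Returns the file to serve, or throws if 'name' leaves the base directory. */
    public Path resolve(String name) throws IOException {
        if (name == null || name.isEmpty() || name.indexOf('\0') >= 0) {
            throw new SecurityException("invalid file name");
        }
        Path candidate;
        try {
            candidate = baseDir.resolve(name).normalize(); // collapses "." and ".." segments
        } catch (InvalidPathException e) {
            throw new SecurityException("invalid file name");
        }
        // Path.startsWith compares whole path elements, not string prefixes.
        if (!candidate.startsWith(baseDir)) {
            throw new SecurityException("path escapes download directory");
        }
        // toRealPath() follows symlinks; re-check so a link inside baseDir cannot point outside it.
        Path real = candidate.toRealPath();
        if (!real.startsWith(baseDir) || !Files.isRegularFile(real)) {
            throw new SecurityException("not a downloadable file");
        }
        return real;
    }
    public static void main(String[] args) throws IOException {
        Path dir = Files.createTempDirectory("uploads"); // constructed sample directory
        Files.write(dir.resolve("dish.jpg"), new byte[] {1, 2, 3});
        SafeDownloadResolver r = new SafeDownloadResolver(dir.toString());
        System.out.println("served: " + r.resolve("dish.jpg").getFileName());
        for (String bad : new String[] {"../../etc/passwd", "/etc/passwd", "a/../../x"}) {
            try {
                r.resolve(bad);
                System.out.println("NOT blocked: " + bad);
            } catch (SecurityException e) {
                System.out.println("blocked: " + bad);
            }
        }
    }
}
```

A filter that only matches the literal '../' string misses absolute paths and symlinks, which the containment check on the normalized path covers.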

🔧 Temporary Workarounds

Input Validation Filter (platform: all)

Add server-side validation to reject path traversal sequences in the name parameter

Implement validation in CommonController.java to check for '../' and similar sequences

Web Application Firewall Rule (platform: all)

Block requests containing path traversal patterns

WAF rule to block requests with '../', '..\', or similar path traversal patterns

🧯 If You Can't Patch

  • Implement network segmentation to isolate vulnerable systems
  • Deploy web application firewall with path traversal detection rules

🔍 How to Verify

Check if Vulnerable:

Test by sending requests with '../' sequences in the name parameter to the download endpoint

Check Version:

Check application version in pom.xml or build configuration

Verify Fix Applied:

Verify that path traversal attempts return error responses instead of file contents

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests with '../' sequences in parameters
  • Unusual file access patterns from download endpoint

Network Indicators:

  • Multiple requests with path traversal patterns to CommonController endpoints

SIEM Query:

source="web_logs" AND (uri="*CommonController*" AND param="*../*")
