CVE-2025-11020
📋 TL;DR
A path traversal vulnerability in MarkAny SafePC Enterprise allows attackers to access server information, potentially enabling SQL injection and unrestricted file upload exploits. This affects SafePC Enterprise versions V7.0.* before V7.0.1 and all V5.*.* versions on Windows and Linux systems.
💻 Affected Systems
- MarkAny SafePC Enterprise
⚠️ Manual Verification Required
This CVE's database entry carries no structured version ranges, so automatic vulnerability detection cannot determine whether your system is affected. The affected versions named in the description above (V7.0.* before V7.0.1, and all V5.*.*) must be matched by hand.
Why? The CVE database entry doesn't specify machine-readable version ranges (none were provided by the vendor/NVD), even though the description text names the affected branches.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete compromise of the SafePC server: the path traversal exposes server information that lets an attacker follow up with SQL injection (data exfiltration, privilege escalation) and an unrestricted file upload that yields remote code execution.
Likely Case
Unauthorized access to sensitive server information, potential data leakage, and limited file system access through path traversal.
If Mitigated
Limited information disclosure with no critical system access if proper input validation and file upload restrictions are implemented.
🎯 Exploit Status
Based on the description, the chain takes several steps (path traversal to obtain server information, then SQL injection and file upload) but does not appear to require authentication. No public exploit code is referenced on this page.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: V7.0.1
Vendor Advisory: https://www.markany.com/enterprisesecurity
Restart Required: Yes
Instructions:
1. Download the V7.0.1 patch from the MarkAny vendor portal.
2. Back up the current configuration.
3. Apply the patch following the vendor instructions.
4. Restart the SafePC Enterprise services.
5. Verify the patch installation.
🔧 Temporary Workarounds
Restrict File Upload Types
Configure SafePC to only allow specific safe file types for upload. An extension allow-list does not by itself stop the path traversal: the supplied file name must also be canonicalized and confined to the upload directory.
Configure via the SafePC admin interface: Settings > File Upload > Allowed Types = .txt,.pdf,.docx (menu path as given on this page; confirm it against the documentation for your installed version)
Implement Web Application Firewall
Deploy a WAF with path traversal and SQL injection protection rules.
Configure WAF rules to block ../ and ..\ sequences and their URL-encoded forms (%2e%2e%2f, and double-encoded %252e%252e%252f) in both the request path and parameters, and SQL keyword patterns in parameters. Keyword-only SQL rules are noisy; scope them to the parameters the application passes to queries.
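A WAF rule that matches literal ../ sequences is only as good as its normalization, while a canonical-path check on the server side catches every encoding variant and also lets harmless names through. The following Python is an added example written for this page, not SafePC code: the base directory, the request values and the function names are hypothetical, and the naive filter models the "block ../ patterns" rule above.

```python
import os
from typing import Optional
from urllib.parse import unquote

# Hypothetical upload root; SafePC's real directory layout is not documented here.
BASE_DIR = "/srv/safepc/uploads"


def percent_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode repeatedly (bounded) so that double-encoded sequences
    such as %252e%252e%2F collapse to '../' before any check runs."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def naive_filter_blocks(request_value: str) -> bool:
    """Model of a WAF rule that blocks a literal '../' or '..\\' in the raw
    request string. Returns True when the request would be blocked."""
    return "../" in request_value or "..\\" in request_value


def resolve_within_base(request_value: str, base_dir: str = BASE_DIR) -> Optional[str]:
    """Canonicalize the requested name under base_dir and refuse anything that
    escapes it. Returns the absolute path to serve, or None to reject.
    Operates on the decoded value with backslashes folded, so encoding tricks
    do not matter; a leading '/' is stripped so the name is always relative."""
    cleaned = percent_decode(request_value).replace("\\", "/").lstrip("/")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, cleaned))
    # Accept base itself or anything strictly below it. The os.sep guard stops
    # a sibling such as /srv/safepc/uploads_evil from passing a prefix match.
    if candidate != base and not candidate.startswith(base + os.sep):
        return None
    return candidate


if __name__ == "__main__":
    # Constructed request values: literal, URL-encoded, double-encoded and
    # backslash traversal, plus a benign name that merely contains '../'.
    samples = [
        "report.pdf",
        "../../../etc/passwd",
        "..%2F..%2F..%2Fetc%2Fpasswd",
        "%252e%252e%2Fconf%2Fdb.properties",
        "..\\..\\windows\\win.ini",
        "sub/../report.pdf",
    ]
    for s in samples:
        print(f"{s!r:40} waf_blocks={naive_filter_blocks(s)!s:5} "
              f"canonical={resolve_within_base(s)}")
```

The encoded and double-encoded requests pass the literal filter but are rejected by the canonical check, and sub/../report.pdf is blocked by the filter yet resolves safely inside the base directory. The pattern rule is a useful stopgap in front of an unpatched system; the canonical check is what the application itself has to do.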
🧯 If You Can't Patch
- Isolate vulnerable systems from internet access and restrict to internal network only
- Implement strict network segmentation and monitor for unusual file upload or database access patterns
🔍 How to Verify
Check if Vulnerable:
Check the SafePC version in the admin interface or via the command below. Any V7.0.* build before V7.0.1 and any V5.*.* build is affected.
Check Version:
safepc --version (command name as given on this page, not verified against vendor documentation; use the admin interface if it is absent)
Verify Fix Applied:
Confirm the version shows V7.0.1 or later (no fixed V5 release is listed here, so V5 installations need to move to V7.0.1 or later), then confirm that requests carrying traversal sequences (../, ..\ and URL-encoded forms such as %2e%2e%2f) in file parameters are rejected with an error rather than returning file contents.
📡 Detection & Monitoring
Log Indicators:
- Multiple ../ or ..\ sequences, or their URL-encoded forms (%2e%2e%2f), in request URLs and parameters
- Unusual file upload attempts with executable extensions
- SQL error messages in application logs
Network Indicators:
- HTTP requests with path traversal patterns
- Unexpected database connection attempts from application server
SIEM Query:
source="safepc.log" AND ("../" OR "..\\" OR "%2e%2e" OR "SELECT" OR "UNION")
This is a broad first-pass search: the bare SQL keywords also match ordinary file names and request text, so pivot on the source address and look for traversal, SQL keyword and executable-upload hits from the same client within a short window.
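A raw-text query like the one above misses percent-encoded traversal and fires on any file name containing "select". The following Python is an added example for this page, not a SafePC component: the access-log lines are constructed, the /safepc/... endpoints are hypothetical, and the code decodes before matching, requires SQL syntax alongside a keyword, flags executable upload names, and correlates the three indicator types by source address, which is how the described chain (traversal, then SQL injection and upload) shows up in logs.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Constructed access-log lines in combined-log style. Endpoint names are
# hypothetical; the page does not document SafePC's real URL layout.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Oct/2025:10:00:01 +0900] "GET /safepc/download?file=report.pdf HTTP/1.1" 200 5120
10.0.0.9 - - [01/Oct/2025:10:00:07 +0900] "GET /safepc/download?file=..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 1843
10.0.0.9 - - [01/Oct/2025:10:00:12 +0900] "GET /safepc/download?file=%252e%252e%2Fconf%2Fdb.properties HTTP/1.1" 200 612
10.0.0.9 - - [01/Oct/2025:10:01:03 +0900] "POST /safepc/upload?name=shell.jsp HTTP/1.1" 200 44
10.0.0.9 - - [01/Oct/2025:10:01:40 +0900] "GET /safepc/search?q=1%27%20UNION%20SELECT%20user%2Cpass%20FROM%20users-- HTTP/1.1" 500 0
10.0.0.7 - - [01/Oct/2025:10:02:15 +0900] "GET /safepc/docs/select-committee-notes.pdf HTTP/1.1" 200 9001
"""

LINE_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" '
    r'(?P<status>\d{3}) (?P<size>\S+)$'
)
TRAVERSAL_RE = re.compile(r"\.\.[\\/]")                       # applied after decoding
SQL_KEYWORD_RE = re.compile(r"\b(?:union|select|insert|update|delete|drop)\b", re.I)
SQL_SYNTAX_RE = re.compile(r"['\"]|--|/\*|;")                 # quote, comment or terminator
EXEC_EXT = (".jsp", ".jspx", ".php", ".asp", ".aspx", ".war", ".exe", ".dll", ".sh")


def percent_decode(value, rounds=3):
    """Bounded repeated decode so %252e%252e%2F collapses to '../'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def naive_keyword_hit(raw_line):
    """Mirror of the raw-text SIEM query: literal search on the undecoded line."""
    return bool(re.search(r"\.\./|\.\.\\|SELECT|UNION", raw_line, re.I))


def looks_like_sqli(decoded_target):
    """Require SQL syntax together with a whole-word keyword, not a keyword alone."""
    return bool(SQL_SYNTAX_RE.search(decoded_target) and SQL_KEYWORD_RE.search(decoded_target))


def has_exec_extension(decoded_target):
    """True when the path or any query value names a server-executable file type."""
    parts = urlsplit(decoded_target)
    names = [parts.path] + [v for _, v in parse_qsl(parts.query, keep_blank_values=True)]
    return any(n.lower().endswith(EXEC_EXT) for n in names)


def analyze(log_text):
    """Parse each line, decode the request target, and tag the indicators found."""
    findings = []
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if not m:
            continue
        decoded = percent_decode(m["target"])
        tags = set()
        if TRAVERSAL_RE.search(decoded):
            tags.add("traversal")
        if looks_like_sqli(decoded):
            tags.add("sqli")
        if m["method"] in ("POST", "PUT") and has_exec_extension(decoded):
            tags.add("exec_upload")
        findings.append({"src": m["src"], "status": m["status"], "tags": tags, "raw": raw})
    return findings


def correlate(findings):
    """Union of indicator tags per source address."""
    by_src = {}
    for f in findings:
        by_src.setdefault(f["src"], set()).update(f["tags"])
    return by_src


def chain_suspects(findings, min_tags=2):
    """Sources showing at least min_tags distinct indicator types: the
    traversal-then-injection/upload sequence the advisory describes."""
    return sorted(src for src, tags in correlate(findings).items() if len(tags) >= min_tags)


if __name__ == "__main__":
    results = analyze(SAMPLE_LOG)
    for f in results:
        print(f"{f['src']:10} {sorted(f['tags']) or '-'}  naive_hit={naive_keyword_hit(f['raw'])}")
    print("chain suspects:", chain_suspects(results))
```

On the sample, the encoded traversal lines are invisible to the raw-text search but tagged after decoding, the benign select-committee-notes.pdf request trips the raw search but not the decoded heuristic, and 10.0.0.9 is the only source that accumulates traversal, upload and injection indicators. In a real deployment the correlation window should also be bounded in time and the executable-extension list matched to the server's handler mappings.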