CVE-2025-13199 – This CVE describes a path traversal vulnerabili... (How to Fix)

Q: What is the severity of CVE-2025-13199?

CVE-2025-13199 has a CVSS score of 5.3 (MEDIUM). This CVE describes a path traversal vulnerability in Email Logging Interface 2.0 where manipulation of the Username argument allows attackers to access files outside the intended directory using '../filedir' sequences. Only users with local access to the system can exploit this vulnerability. The exploit has been publicly disclosed and could be used to read sensitive files.

📋 TL;DR

This CVE describes a path traversal vulnerability in Email Logging Interface 2.0 where manipulation of the Username argument allows attackers to access files outside the intended directory using '../filedir' sequences. Only users with local access to the system can exploit this vulnerability. The exploit has been publicly disclosed and could be used to read sensitive files.

💻 Affected Systems

Products:

Email Logging Interface

Versions: 2.0

Operating Systems: All operating systems where the software runs

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects installations where local users have access to the vulnerable interface. The specific function in signup.cpp is unknown.

📦 What is this software?

Email Logging Interface by Fabian

View all CVEs affecting Email Logging Interface →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker with local access could read sensitive system files, configuration files, or user data, potentially leading to credential theft, privilege escalation, or further system compromise.

🟠

Likely Case

Local users could read application configuration files, logs, or other data stored in adjacent directories, potentially exposing sensitive information.

🟢

If Mitigated

With proper file permissions and access controls, impact would be limited to files the application process already has permission to read.

🌐 Internet-Facing: LOW - The vulnerability requires local access according to the description.

🏢 Internal Only: MEDIUM - Local users can exploit this, but impact depends on file permissions and what sensitive data is accessible.

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Proof of concept is publicly available on GitHub. Exploitation requires local access to the system.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://code-projects.org/

Restart Required: No

Instructions:

No official patch available. Check vendor website for updates. Consider implementing workarounds or replacing the software.

🔧 Temporary Workarounds

Input Validation and Sanitization

all

Implement strict input validation to reject any Username containing path traversal sequences like '../' or absolute paths.

File Permission Restrictions

all

Run the application with minimal file permissions and ensure sensitive directories have proper access controls.

🧯 If You Can't Patch

Restrict local access to the vulnerable interface using firewall rules or access controls
Monitor file access patterns and audit logs for suspicious '../' sequences in Username parameters

🔍 How to Verify

Check if Vulnerable:

Test if the Username parameter accepts '../' sequences by attempting to access known files outside the intended directory. Check application version against affected version.

Check Version:

Check application documentation or configuration files for version information. No standard command available.

Verify Fix Applied:

Verify that Username inputs containing '../' sequences are rejected or properly sanitized. Test that path traversal attempts fail.

📡 Detection & Monitoring

Log Indicators:

Log entries showing Username parameters containing '../' sequences
Unexpected file access patterns from the application

Network Indicators:

Local connections to the vulnerable interface from unauthorized users

SIEM Query:

Search for application logs containing '../' in Username field or unexpected file access events from the application process.

📊 Metadata

CVE ID: CVE-2025-13199

CVSS v3 Score: 5.3 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

CWE: CWE-23

EPSS Score: 0.05% exploit probability (13.6th percentile)

Published: November 15, 2025

Last Updated: November 19, 2025

🔗 References

https://code-projects.org/ Product
https://github.com/asd1238525/cve/blob/main/Dir1c.md Exploit,Third Party Advisory
https://github.com/asd1238525/cve/blob/main/Dir1c.md#poc Exploit
https://vuldb.com/?ctiid.332497 Permissions Required,VDB Entry
https://vuldb.com/?id.332497 Third Party Advisory,VDB Entry
https://vuldb.com/?submit.685549 Third Party Advisory,VDB Entry

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-13199, you might also want to check these: