CVE-2025-13261

5.3 MEDIUM

📋 TL;DR

A path traversal vulnerability in the lsfusion platform allows attackers to manipulate the Version parameter in DownloadFileRequestHandler to access arbitrary files on the server. This affects lsfusion platform versions up to 6.1. Remote exploitation is possible without authentication.

💻 Affected Systems

Products:
  • lsfusion platform
Versions: Up to and including version 6.1
Operating Systems: All operating systems running lsfusion
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments using affected versions are vulnerable by default. The vulnerability exists in the web-client component.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could read sensitive system files, configuration files, or application data, potentially leading to credential theft, data exfiltration, or further system compromise.

🟠 Likely Case

Unauthorized access to application files, configuration files, or other files accessible to the web server process, potentially exposing sensitive information.

🟢 If Mitigated

Limited impact if proper file system permissions restrict web server access to sensitive directories and files.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The exploit has been made public and requires minimal technical skill to execute. Remote exploitation is confirmed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 6.2 or later

Vendor Advisory: https://github.com/lsfusion/platform/issues/1543

Restart Required: Yes

Instructions:

1. Upgrade lsfusion platform to version 6.2 or later.
2. Restart the lsfusion service.
3. Verify the fix by testing the vulnerable endpoint.

🔧 Temporary Workarounds

Input Validation Filter

Platform: all

  • Implement input validation to reject path traversal sequences in the Version parameter
  • Configure a web application firewall to block requests containing '../' or similar sequences

Access Restriction

Platform: all

  • Restrict network access to the lsfusion web interface
  • Configure firewall rules to limit access to trusted IP addresses only

🧯 If You Can't Patch

  • Implement strict file system permissions to limit what files the web server process can access
  • Deploy a web application firewall (WAF) with path traversal protection rules

🔍 How to Verify

Check if Vulnerable:

Check whether the lsfusion version is 6.1 or earlier. Test by attempting to access files using path traversal in the Version parameter.

Check Version:

Check the lsfusion version in the application interface or configuration files

Verify Fix Applied:

After upgrading to version 6.2+, test that path traversal attempts in the Version parameter are properly rejected.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests with suspicious Version parameter values containing '../' or similar sequences
  • Failed file access attempts from web server process

Network Indicators:

  • HTTP requests to DownloadFileRequestHandler endpoint with manipulated Version parameters

SIEM Query:

source="web_server_logs" AND (uri="*DownloadFileRequestHandler*" AND (param="*../*" OR param="*..\\*"))
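The SIEM query above and the "Input Validation Filter" workaround both hinge on the same check: does the Version parameter sent to the download handler contain a '..' path segment? The added example below (written for this page, not code from the advisory or the lsfusion project) applies that check to constructed access-log lines, and goes beyond the literal query by stripping percent-encoding (including double-encoding) before matching. The /DownloadFileRequestHandler request path and the combined-log format are assumptions; adjust HANDLER_MARKER and LOG_RE to your deployment.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed combined-format access-log lines (not from any real deployment).
# The /DownloadFileRequestHandler path is assumed from the advisory's SIEM query;
# the real route may differ, so adjust HANDLER_MARKER for your deployment.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jan/2025:10:00:01 +0000] "GET /DownloadFileRequestHandler?Version=6.1&file=report.pdf HTTP/1.1" 200 5120
10.0.0.9 - - [01/Jan/2025:10:00:02 +0000] "GET /DownloadFileRequestHandler?Version=../../conf/settings.properties HTTP/1.1" 200 1834
10.0.0.9 - - [01/Jan/2025:10:00:03 +0000] "GET /DownloadFileRequestHandler?Version=..%2F..%2Fconf%2Fapp.properties HTTP/1.1" 200 310
10.0.0.9 - - [01/Jan/2025:10:00:04 +0000] "GET /DownloadFileRequestHandler?Version=%252e%252e/%252e%252e/config.ini HTTP/1.1" 404 0
10.0.0.7 - - [01/Jan/2025:10:00:05 +0000] "GET /static/app.js?Version=6.1 HTTP/1.1" 200 9000
"""

HANDLER_MARKER = "DownloadFileRequestHandler"
LOG_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# A ".." path segment bounded by a slash, a backslash, string start or string end.
TRAVERSAL_RE = re.compile(r'(?:^|[/\\])\.\.(?:[/\\]|$)')


def fully_decode(value, rounds=3):
    """Strip up to `rounds` layers of percent-encoding so %2e%2e%2f and %252e... read as '..'."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def is_traversal(value):
    """True if the (decoded) parameter value contains a '..' path segment."""
    return bool(TRAVERSAL_RE.search(fully_decode(value)))


def find_suspicious(log_text):
    """One record per download-handler request whose Version parameter traverses, whatever the status."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or HANDLER_MARKER not in m.group("target"):
            continue
        query = parse_qs(urlsplit(m.group("target")).query, keep_blank_values=True)
        for version in query.get("Version", []):  # parse_qs already removed one encoding layer
            if is_traversal(version):
                hits.append({"src": m.group("src"), "ts": m.group("ts"),
                             "status": int(m.group("status")), "version": fully_decode(version)})
    return hits
```

Running find_suspicious(SAMPLE_LOG) returns three records, all from 10.0.0.9; the 404 line is included deliberately, since a failed attempt is still a probe worth alerting on.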
