CVE-2025-13435

5.6 MEDIUM

📋 TL;DR

CVE-2025-13435 is a path traversal vulnerability in the HttpClient module of Dreampie Resty, a Java REST framework. A filename parameter that reaches the vulnerable code is not confined to its intended directory, so an attacker who controls that value can access arbitrary files on the server. Affected: Dreampie Resty up to and including 1.3.1.SNAPSHOT. The issue is exploitable remotely, but the published rating treats attack complexity as high, since the application must pass attacker-controlled filenames into the vulnerable code.

💻 Affected Systems

Products:
  • Dreampie Resty
Versions: Up to and including 1.3.1.SNAPSHOT
Operating Systems: All platforms running Java
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects applications using the vulnerable HttpClient module with filename parameter handling.

📦 What is this software?

Dreampie Resty is a lightweight Java framework for building RESTful web services; resty-httpclient is its HTTP client module, distributed as the Maven artifact cn.dreampie:resty-httpclient.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could read sensitive system files, configuration files, or application source code, potentially leading to credential theft, system compromise, or data exfiltration.

🟠 Likely Case

Limited file read access within the application's directory or accessible file system paths, potentially exposing configuration files or application data.

🟢 If Mitigated

With proper input validation and file system restrictions, impact would be limited to non-sensitive files or prevented entirely.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: HIGH

Exploit details have been publicly disclosed, but a working attack depends on the target application passing attacker-controlled filename values into the vulnerable HttpClient code path, which is why complexity is rated high.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch was available at the time of writing. Check the project's repository and Maven Central for a release newer than 1.3.1.SNAPSHOT before relying on this page; until one exists, apply the workarounds below or replace the module with a maintained HTTP client.

🔧 Temporary Workarounds

Input Validation and Sanitization (all platforms)

Validate every filename parameter before it is used to build a path. Rejecting the literal strings '../' and '..\' is not enough: also reject percent-encoded and double-encoded forms (%2e%2e%2f, %252e%252e%252f), NUL bytes, and absolute paths (a leading '/' or a drive letter).

After the string check, resolve the name against the intended base directory, canonicalise the result, and verify it still lies inside that directory. Treat the string filter as a first line of defence and the containment check as the actual control.

File System Restrictions (all platforms)

Run the application with minimal file system permissions: a dedicated service account, read access limited to the directories it needs, and no access to /etc/shadow, key material, or other applications' configuration.

Use container or OS-level sandboxing (a read-only root filesystem, seccomp/AppArmor profiles, or equivalent) to limit file access. Note that the Java Security Manager is deprecated for removal since JDK 17 (JEP 411), disabled by default from JDK 18, and permanently disabled in JDK 24 (JEP 486), so it is not a durable control for new deployments.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules that block path traversal patterns in requests, including URL-encoded and double-encoded forms; a WAF only helps when the filename reaches the vulnerable code through an inbound request it inspects
  • Monitor file access logs for unusual patterns (reads of /etc/passwd, application configuration files, or any path outside the expected download directory) and alert on them

🔍 How to Verify

Check if Vulnerable:

Check whether the application depends on the Dreampie Resty HttpClient module at version ≤1.3.1.SNAPSHOT and whether any code path passes a filename parameter into it without the validation and containment checks described above.

Check Version:

Check the resolved dependency tree, not just the declared ones, for 'cn.dreampie:resty-httpclient' (for Maven the dependency:tree goal; for Gradle the dependencies task), since the module may be pulled in transitively.

Verify Fix Applied:

Test with path traversal payloads (e.g., '../../etc/passwd') and confirm they are rejected; repeat with the backslash form '..\..\', the URL-encoded form '%2e%2e%2f', the double-encoded form '%252e%252e%252f', and an absolute path, since a filter that only catches the literal '../' leaves the others open.
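The containment check described under Input Validation and Sanitization, together with the payload test above, as one added example. This is illustrative code written for this page, not code from Dreampie Resty; the class name SafeFilename, the method resolveInside, the temporary base directory and the payload list are all assumptions. It needs Java 11 or newer (URLDecoder with a Charset argument).

```java
import java.io.IOException;
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;

/**
 * Added example (not Dreampie Resty code): confine a caller-supplied filename to a
 * fixed base directory before it is used to open a file.
 */
public final class SafeFilename {

    private static final int MAX_DECODE_ROUNDS = 3;

    /** Percent-decodes repeatedly so %2e%2e%2f and double-encoded %252e%252e%252f collapse to "../". */
    static String fullyDecode(String s) {
        String current = s;
        for (int i = 0; i < MAX_DECODE_ROUNDS; i++) {
            // Note: URLDecoder applies form-encoding rules, so '+' also becomes a space.
            String next = URLDecoder.decode(current, StandardCharsets.UTF_8);
            if (next.equals(current)) {
                break;
            }
            current = next;
        }
        return current;
    }

    /**
     * Returns the canonical path for {@code untrusted} inside {@code baseDir}, or throws
     * IOException if the name is malformed, absolute, contains "." or ".." segments, or
     * resolves (through a symlink) outside baseDir.
     */
    static Path resolveInside(Path baseDir, String untrusted) throws IOException {
        String decoded;
        try {
            decoded = fullyDecode(untrusted);
        } catch (IllegalArgumentException e) {
            throw new IOException("malformed percent-encoding in filename: " + untrusted);
        }
        if (decoded.isEmpty() || decoded.indexOf('\0') >= 0) {
            throw new IOException("empty or NUL-containing filename");
        }
        // Treat backslash as a separator too, so "..\" is caught even on POSIX hosts.
        String unified = decoded.replace('\\', '/');
        if (unified.startsWith("/") || unified.matches("^[A-Za-z]:.*")) {
            throw new IOException("absolute path rejected: " + untrusted);
        }
        for (String segment : unified.split("/")) {
            if (segment.isEmpty() || segment.equals(".") || segment.equals("..")) {
                throw new IOException("traversal segment rejected: " + untrusted);
            }
        }
        // The string checks are a first filter; containment after canonicalisation is the real control.
        Path base = baseDir.toRealPath();
        Path candidate = base.resolve(unified).normalize();
        if (Files.exists(candidate)) {
            candidate = candidate.toRealPath(); // follows a symlink that may point outside base
        }
        if (!candidate.startsWith(base)) {
            throw new IOException("path escapes base directory: " + untrusted);
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        Path base = Files.createTempDirectory("resty-downloads"); // assumed base directory
        // Constructed payloads: the page's '../../etc/passwd' plus encoded, Windows and malformed variants.
        String[] payloads = {
            "report.pdf",
            "sub/inner.txt",
            "../../etc/passwd",
            "..\\..\\windows\\win.ini",
            "%2e%2e%2fetc%2fpasswd",
            "%252e%252e%252fetc%252fpasswd",
            "/etc/passwd",
            "C:\\Windows\\win.ini",
            "sub/../../escape.txt",
            "bad%zz"
        };
        for (String p : payloads) {
            try {
                System.out.println("ACCEPT " + p + " -> " + resolveInside(base, p));
            } catch (IOException e) {
                System.out.println("REJECT " + p + "  (" + e.getMessage() + ")");
            }
        }
    }
}
```

Only the first two payloads should be accepted. Rejecting dot segments outright, rather than normalising them away, keeps the behaviour easy to audit; the final startsWith check on the real path is what actually stops a symlink under the base directory from leading elsewhere.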

📡 Detection & Monitoring

Log Indicators:

  • Requests whose filename parameters contain '../' or '..\', or their URL-encoded and double-encoded equivalents (%2e%2e%2f, %2e%2e%5c, %252e%252e%252f)
  • File reads by the application process outside its expected download or working directory, particularly of /etc/passwd, /etc/shadow or configuration files

Network Indicators:

  • HTTP requests with dot-dot sequences, encoded or literal, in query or path parameters

SIEM Query:

http.uri contains "../" OR http.uri contains "..\\" OR http.uri contains "%2e%2e%2f" OR http.uri contains "%2e%2e%5c" OR http.uri contains "%252e%252e"

Match case-insensitively (%2E and %2e are equivalent) and, where the log source stores the already-decoded URI, keep the literal forms, since encoded variants will have been decoded before logging.
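The query above extended into detection logic run over sample access-log lines, as an added example for this page (not a component of Dreampie Resty or of any SIEM). The log lines are constructed for the example; the class name TraversalLogScan, the pattern and the IP addresses are assumptions.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Pattern;

/**
 * Added example (not Dreampie Resty code): flag request lines carrying a dot-dot
 * traversal sequence in literal, percent-encoded, double-encoded or overlong UTF-8 form.
 */
public final class TraversalLogScan {

    // Two "dots", each spelled literally, as %2e, as %252e or as overlong UTF-8 %c0%ae,
    // followed by a separator spelled as /, \, %2f, %5c, %252f, %255c or %c0%af. Case-insensitive.
    static final Pattern TRAVERSAL = Pattern.compile(
        "(?i)(?:\\.|%2e|%252e|%c0%ae){2}(?:/|\\\\|%2f|%5c|%252f|%255c|%c0%af)");

    static boolean looksLikeTraversal(String logLine) {
        return TRAVERSAL.matcher(logLine).find();
    }

    /** Returns the subset of lines that should raise an alert. */
    static List<String> flag(List<String> logLines) {
        List<String> hits = new ArrayList<>();
        for (String line : logLines) {
            if (looksLikeTraversal(line)) {
                hits.add(line);
            }
        }
        return hits;
    }

    // Constructed sample log in Apache combined-ish format; addresses are documentation ranges.
    static final List<String> SAMPLE_LOG = List.of(
        "203.0.113.5 - - [10/Mar/2025:10:00:01 +0000] \"GET /download?filename=report.pdf HTTP/1.1\" 200 512",
        "203.0.113.5 - - [10/Mar/2025:10:00:02 +0000] \"GET /download?filename=../../etc/passwd HTTP/1.1\" 200 1844",
        "198.51.100.7 - - [10/Mar/2025:10:00:03 +0000] \"GET /download?filename=%2e%2e%2f%2e%2e%2fetc%2fpasswd HTTP/1.1\" 200 1844",
        "198.51.100.7 - - [10/Mar/2025:10:00:04 +0000] \"GET /download?filename=..%5c..%5cwindows%5cwin.ini HTTP/1.1\" 404 0",
        "192.0.2.9 - - [10/Mar/2025:10:00:05 +0000] \"GET /download?filename=%252e%252e%252fetc%252fshadow HTTP/1.1\" 403 0",
        "192.0.2.9 - - [10/Mar/2025:10:00:06 +0000] \"GET /static/app.css HTTP/1.1\" 200 2048"
    );

    public static void main(String[] args) {
        List<String> hits = flag(SAMPLE_LOG);
        System.out.println(hits.size() + " of " + SAMPLE_LOG.size() + " lines flagged:");
        for (String h : hits) {
            System.out.println("  " + h);
        }
    }
}
```

Four of the six constructed lines are flagged: the literal, single-encoded, backslash-encoded and double-encoded requests, while the benign download and the stylesheet fetch pass. A 200 response paired with a flagged line, as in the second and third samples, is the case to escalate first, since it suggests the read succeeded.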
