CVE-2025-15432

5.3 MEDIUM

📋 TL;DR

This is a path traversal vulnerability in yeqifu carRental software that allows attackers to access arbitrary files on the server by manipulating the 'path' parameter in the downloadShowFile function. The vulnerability affects all versions up to commit 3fabb7eae93d209426638863980301d6f99866b3. Attackers can exploit this remotely without authentication.

💻 Affected Systems

Products:
  • yeqifu carRental
Versions: All versions up to commit 3fabb7eae93d209426638863980301d6f99866b3
Operating Systems: Any OS running the vulnerable software
Default Config Vulnerable: ⚠️ Yes
Notes: The project uses a rolling release model, so specific version numbers are not available. All deployments using the vulnerable commit or earlier are affected.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could read sensitive system files, configuration files, or source code, potentially leading to complete system compromise if credentials or secrets are exposed.

🟠 Likely Case

Unauthorized access to application files, configuration data, or other sensitive information stored on the server.

🟢 If Mitigated

Limited impact if proper file permissions and input validation are implemented, restricting access to only intended files.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details have been publicly disclosed in GitHub issue #46. The vulnerability is simple to exploit with basic HTTP requests.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available. The vendor has been notified but has not responded. Consider implementing workarounds or migrating to alternative software.

🔧 Temporary Workarounds

Input Validation Filter (all)

Implement server-side validation in the downloadShowFile function that rejects path traversal sequences such as '../' in the path parameter before any file is read.

Web Application Firewall Rule (all)

Add a WAF rule that blocks requests containing '../' or similar path traversal patterns in URL query parameters.

🧯 If You Can't Patch

  • Restrict file system permissions to limit what files the application can access
  • Implement network segmentation to isolate the vulnerable system from sensitive data

🔍 How to Verify

Check if Vulnerable:

Send a request to /file/downloadShowFile.action with a path parameter containing '../' sequences and observe whether it returns files outside the intended directory.

Check Version:

Check the Git commit hash of the deployed carRental instance

Verify Fix Applied:

Repeat the same path traversal attempts and verify that they are rejected or return an error.

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /file/downloadShowFile.action with '../' in parameters
  • Unusual file access patterns from the application

Network Indicators:

  • HTTP requests with path traversal sequences in URL parameters

SIEM Query:

url:*/file/downloadShowFile.action* AND (path:*../* OR param:*../*)
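As an added example (not code from the carRental project), the containment check that the Input Validation Filter workaround calls for, together with a detector for the log indicator listed above; the base directory, access-log format and sample lines are constructed assumptions.

```python
import os
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Constructed base directory for the example; the real carRental download
# directory is not given in the advisory.
BASE_DIR = "/srv/carrental/uploads"


def safe_resolve(base_dir: str, user_path: str) -> "str | None":
    """Return the absolute path of user_path inside base_dir, or None when the
    request would escape it (traversal, absolute path, NUL byte, or encoded
    variants of those). This is the check downloadShowFile is missing."""
    decoded = unquote(unquote(user_path))  # double-decode to catch %252e%252e
    if not decoded.strip() or "\x00" in decoded:
        return None
    decoded = decoded.replace("\\", "/")  # treat backslash as a separator too
    if decoded.startswith("/"):
        return None
    root = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(root, decoded))
    # Containment check after normalisation: target must be strictly below root.
    return target if target.startswith(root + os.sep) else None


TRAVERSAL = re.compile(r"\.\.[/\\]|%2e%2e|\.%2e|%2e\.", re.IGNORECASE)


def is_suspicious_request(log_line: str) -> bool:
    """Flag access-log lines that hit downloadShowFile.action with a traversal
    sequence in any query parameter (the advisory's log indicator)."""
    m = re.search(r'"(?:GET|POST) (\S+)', log_line)
    if not m or "/file/downloadShowFile.action" not in m.group(1):
        return False
    params = parse_qs(urlsplit(m.group(1)).query, keep_blank_values=True)
    return any(TRAVERSAL.search(unquote(v)) for vals in params.values() for v in vals)


# Constructed sample access-log lines, not taken from any real deployment.
SAMPLE_LOGS = [
    '10.0.0.5 - - [01/Jan/2025:10:00:00 +0000] "GET /file/downloadShowFile.action?path=report.pdf HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2025:10:00:01 +0000] "GET /file/downloadShowFile.action?path=..%2F..%2Fetc%2Fpasswd HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for path in ("report.pdf", "../../etc/passwd", "%252e%252e/x", "/etc/passwd"):
        print(f"{path!r:24} -> {safe_resolve(BASE_DIR, path)}")
    for line in SAMPLE_LOGS:
        print("ALERT" if is_suspicious_request(line) else "ok   ", line[:70])
```

Serving code should call safe_resolve and refuse the request on None; the detector is only a first-pass filter and does not replace the fix.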
