CVE-2025-25652 – This directory traversal vulnerability in Eptur... (How to Fix)

Q: What is the severity of CVE-2025-25652?

CVE-2025-25652 has a CVSS score of 7.5 (HIGH). This directory traversal vulnerability in Eptura Archibus allows attackers to access files outside the intended directory through the 'Run script' and 'Server File' components of the Database Update Wizard. Attackers could read sensitive system files or potentially write malicious files. Organizations using Archibus 2024.03.01.109 are affected.

📋 TL;DR

This directory traversal vulnerability in Eptura Archibus allows attackers to access files outside the intended directory through the 'Run script' and 'Server File' components of the Database Update Wizard. Attackers could read sensitive system files or potentially write malicious files. Organizations using Archibus 2024.03.01.109 are affected.

💻 Affected Systems

Products:

Eptura Archibus

Versions: 2024.03.01.109

Operating Systems: Windows, Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Requires access to the Database Update Wizard functionality, which may be restricted to administrative users.

📦 What is this software?

Archibus by Eptura

View all CVEs affecting Archibus →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through reading sensitive configuration files, credentials, or writing malicious scripts that could lead to remote code execution.

🟠

Likely Case

Unauthorized access to sensitive files containing database credentials, configuration data, or business information stored on the server.

🟢

If Mitigated

Limited impact with proper file permissions and network segmentation preventing access to critical system files.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploit details available on Packet Storm, suggesting attackers can craft directory traversal payloads to access files outside intended directories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified

Vendor Advisory: Not available

Restart Required: No

Instructions:

1. Monitor Eptura security advisories for patch release. 2. Apply patch when available. 3. Test in non-production environment first. 4. Restart Archibus services if required by patch.

🔧 Temporary Workarounds

Restrict Database Update Wizard Access

all

Limit access to the Database Update Wizard functionality to only essential administrative users.

Implement File System Permissions

linux

Set strict file permissions to prevent the Archibus service account from accessing sensitive directories.

chmod 750 /path/to/sensitive/directories
chown root:root /path/to/sensitive/directories

🧯 If You Can't Patch

Implement network segmentation to isolate Archibus servers from critical systems
Deploy web application firewall (WAF) with directory traversal protection rules

🔍 How to Verify

Check if Vulnerable:

Check if running Archibus version 2024.03.01.109 and verify access to Database Update Wizard components.

Check Version:

Check Archibus version in application interface or configuration files.

Verify Fix Applied:

Test directory traversal attempts after applying patches or workarounds to confirm they are blocked.

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns
Directory traversal strings in request logs (../, ..\)
Multiple failed access attempts to sensitive paths

Network Indicators:

HTTP requests containing directory traversal sequences to Database Update Wizard endpoints

SIEM Query:

source="archibus_logs" AND ("../" OR "..\" OR "%2e%2e%2f") AND ("run_script" OR "server_file" OR "database_update")

📊 Metadata

CVE ID: CVE-2025-25652

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-22

EPSS Score: 0.4% exploit probability (60.2th percentile)

Published: January 13, 2026

Last Updated: February 13, 2026

🔗 References

https://eptura.com/our-platform/archibus/ Product
https://packetstorm.news/files/id/213675 Exploit,Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-25652, you might also want to check these: