CVE-2025-34171

5.3 MEDIUM

📋 TL;DR

CasaOS versions up to 0.4.15 expose unauthenticated endpoints that allow remote attackers to retrieve sensitive configuration files and system debug information. Attackers can access application configurations, system details, and enumerate files on the host filesystem. This affects all CasaOS deployments running vulnerable versions.

💻 Affected Systems

Products:
  • CasaOS
Versions: up to and including 0.4.15
Operating Systems: Linux
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of affected versions are vulnerable. CasaOS is typically deployed on home servers and NAS devices.

📦 What is this software?

CasaOS (IceWhaleTech) is an open-source home-cloud system that runs containerized apps and exposes a web dashboard and a REST API (under /v1/) for managing them; it is typically installed on home servers and NAS boxes.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers gain complete reconnaissance of the system including installed applications, configurations, and file system structure, enabling targeted follow-up attacks like privilege escalation or service exploitation.

🟠

Likely Case

Information disclosure revealing application configurations, system details, and file enumeration that facilitates reconnaissance for further attacks.

🟢

If Mitigated

Limited to authenticated users only, preventing unauthorized access to sensitive system information.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only plain HTTP requests to the affected endpoints; the file-enumeration case adds a crafted query parameter. No session cookie, token or other credential is needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 0.4.16 or later

Vendor Advisory: https://github.com/IceWhaleTech/CasaOS

Restart Required: Yes

Instructions:

1. Check the current CasaOS version.
2. Update to version 0.4.16 or later via the package manager or a manual installation.
3. Restart the CasaOS service.

🔧 Temporary Workarounds

Network Access Control

linux

Restrict network access to the CasaOS web interface with firewall rules. Ports 80/443 are the defaults; adjust them if CasaOS is bound elsewhere. Note that these rules also block any other service on those ports, and that plain iptables rules do not survive a reboot unless saved (iptables-save or your distribution's equivalent).

# Allow the web UI only from a trusted admin host/subnet, drop everything else.
# -A appends in order, so the ACCEPT rules must be added before the DROP rules.
TRUSTED_IP=192.0.2.10   # replace with your admin host or subnet
iptables -A INPUT -p tcp --dport 80 -s "$TRUSTED_IP" -j ACCEPT
iptables -A INPUT -p tcp --dport 443 -s "$TRUSTED_IP" -j ACCEPT
iptables -A INPUT -p tcp --dport 80 -j DROP
iptables -A INPUT -p tcp --dport 443 -j DROP

Reverse Proxy Authentication

all

Place CasaOS behind a reverse proxy that requires authentication on every path, including /v1/, not only the dashboard. The workaround is only effective if CasaOS itself is no longer reachable directly (bind it to localhost or firewall its port), otherwise the proxy can simply be bypassed.

🧯 If You Can't Patch

  • Isolate CasaOS instance on separate network segment with strict firewall rules
  • Monitor for suspicious requests to /v1/users/image and /v1/sys/debug endpoints

🔍 How to Verify

Check if Vulnerable:

Send a request with no session cookie or token to http://[CASAOS_IP]/v1/users/image?path=../../../../etc/passwd on a host you are authorised to test. A 200 response containing the file (a root: line) confirms arbitrary file read; an error message that differs between existing and non-existent paths still confirms file enumeration. A 401/403 means access control is enforced. Likewise, an unauthenticated GET to /v1/sys/debug should not return system details.

Check Version:

casaos --version or check web interface dashboard

Verify Fix Applied:

After patching and restarting the service, repeat the unauthenticated requests above: the endpoints must answer 401/403 (or no longer exist), and must not return file contents or debug data.
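The checks above as a small script, added here as an example and not CasaOS project code. It assumes only the two endpoint paths this page names; the response-shape heuristics in classify() (a passwd file starts with the root entry, a 401/403 means access control is enforced) are assumptions, not documented CasaOS behaviour. Run it only against hosts you are authorised to test.

```python
"""Unauthenticated probe for the two CasaOS endpoints named on this page.

Added example, not CasaOS project code. It assumes the endpoint paths the
page lists (/v1/users/image?path=... and /v1/sys/debug) and reads /etc/passwd
only because it is world-readable on every Linux host. The response-shape
heuristics in classify() are assumptions about what a vulnerable or patched
build returns, not documented CasaOS behaviour.
"""
import sys
import urllib.error
import urllib.request

# Endpoint -> request path, exactly as the verification step describes.
ENDPOINTS = {
    "users_image": "/v1/users/image?path=../../../../etc/passwd",
    "sys_debug": "/v1/sys/debug",
}


def classify(endpoint: str, status: int, body: str) -> str:
    """Turn one HTTP response into a verdict for the given endpoint."""
    if status in (401, 403):
        return "PROTECTED"      # authentication enforced: the post-patch expectation
    if status == 404:
        return "ABSENT"         # route not served by this build
    if status != 200:
        return "UNKNOWN"        # 5xx, rate limiting, etc.: inspect by hand
    if endpoint == "users_image":
        # A real passwd(5) file carries the root entry; an error JSON does not.
        return "VULNERABLE" if "root:" in body and ":0:0:" in body else "UNKNOWN"
    if endpoint == "sys_debug":
        # Any non-empty 200 from the debug route without credentials is disclosure.
        return "VULNERABLE" if body.strip() else "UNKNOWN"
    return "UNKNOWN"


def fetch(base_url: str, path: str, timeout: float = 5.0) -> tuple:
    """GET base_url + path with no cookies or tokens; return (status, body)."""
    req = urllib.request.Request(
        base_url.rstrip("/") + path,
        headers={"User-Agent": "cve-2025-34171-check"},
    )
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read(65536).decode("utf-8", "replace")
    except urllib.error.HTTPError as err:
        # 4xx/5xx land here; the body still matters for classification.
        return err.code, err.read(65536).decode("utf-8", "replace")


def probe(base_url: str) -> dict:
    """Probe every endpoint and return {endpoint: verdict}."""
    return {name: classify(name, *fetch(base_url, path))
            for name, path in ENDPOINTS.items()}


if __name__ == "__main__":
    # 192.0.2.10 is a documentation address; pass your own host as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "http://192.0.2.10"
    for name, verdict in probe(target).items():
        print(f"{name}: {verdict}")
```

Run it before and after updating: a vulnerable build reports VULNERABLE for both endpoints, a patched one should report PROTECTED (or ABSENT if the route was removed). A verdict of UNKNOWN means the heuristic could not decide and the raw response should be inspected by hand.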

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /v1/users/image carrying a path query parameter, especially with traversal sequences (../ or its URL-encoded forms)
  • HTTP requests to /v1/sys/debug from clients that never authenticated
  • 200 responses to such requests (data was actually returned); bursts of 401/403 after patching indicate continued probing

Network Indicators:

  • Unusual volume of requests to /v1/users/image endpoint
  • Requests with path traversal patterns (../)

SIEM Query:

source="casaos" AND (url="/v1/users/image" OR url="/v1/sys/debug")
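The log indicators above as detection logic run over a few sample lines. This is an added example, not CasaOS project code: it assumes CasaOS sits behind a reverse proxy that writes Common Log Format access logs (the page does not describe CasaOS's own log format), and the SAMPLE_LOG entries, addresses and timestamps are constructed for the example.

```python
"""Detection logic for the log indicators on this page, run over sample lines.

Added example, not CasaOS project code. Assumes Common Log Format access
logs from a reverse proxy in front of CasaOS; SAMPLE_LOG is constructed.
"""
import re
from collections import Counter
from typing import Optional
from urllib.parse import parse_qs, unquote, urlsplit

# Common Log Format: ip ident user [ts] "METHOD target PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) (?P<size>\S+)'
)
WATCHED = ("/v1/users/image", "/v1/sys/debug")
TRAVERSAL = re.compile(r"\.\.[/\\]")   # ../ or ..\ after URL decoding

# Constructed sample: one scanning host, one ordinary user, one unrelated hit.
SAMPLE_LOG = """\
203.0.113.7 - - [12/May/2025:10:01:02 +0000] "GET /v1/users/image?path=../../../../etc/passwd HTTP/1.1" 200 1423
203.0.113.7 - - [12/May/2025:10:01:03 +0000] "GET /v1/users/image?path=%2e%2e%2f%2e%2e%2fetc%2fshadow HTTP/1.1" 403 52
203.0.113.7 - - [12/May/2025:10:01:05 +0000] "GET /v1/sys/debug HTTP/1.1" 200 9811
198.51.100.4 - - [12/May/2025:10:02:11 +0000] "GET /v1/users/image?path=/DATA/avatar.png HTTP/1.1" 200 40211
198.51.100.4 - - [12/May/2025:10:02:12 +0000] "GET / HTTP/1.1" 200 3001
"""


def parse_line(line: str) -> Optional[dict]:
    """Parse one CLF line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    entry["status"] = int(entry["status"])
    return entry


def analyse(entry: dict) -> Optional[dict]:
    """Return a finding for a watched endpoint, or None for other requests."""
    url = urlsplit(entry["target"])
    if url.path not in WATCHED:
        return None
    reasons = []
    if url.path == "/v1/users/image":
        if "path" in parse_qs(url.query):
            reasons.append("path parameter")
        # Decode twice so double-encoded sequences (%252e%252e%252f) are caught too.
        if TRAVERSAL.search(unquote(unquote(url.query))):
            reasons.append("traversal pattern")
    else:
        reasons.append("debug endpoint")
    if entry["status"] == 200:
        reasons.append("served 200")   # data actually left the box
    severity = "high" if {"traversal pattern", "debug endpoint"} & set(reasons) else "low"
    return {"ip": entry["ip"], "path": url.path, "status": entry["status"],
            "severity": severity, "reasons": reasons}


def detect(lines) -> list:
    """Run the indicators over an iterable of log lines and collect findings."""
    findings = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        finding = analyse(entry)
        if finding is not None:
            findings.append(finding)
    return findings


def by_source(findings: list) -> Counter:
    """Count findings per client address, the volume indicator from the page."""
    return Counter(f["ip"] for f in findings)


if __name__ == "__main__":
    results = detect(SAMPLE_LOG.splitlines())
    for f in results:
        print(f"{f['severity']:4} {f['ip']:14} {f['status']} {f['path']} "
              f"{', '.join(f['reasons'])}")
    print("hits per source:", dict(by_source(results)))
```

On the sample the scanning host produces three high-severity findings (two traversal attempts, one of them URL-encoded and already blocked with a 403, plus the debug endpoint), while the ordinary user's avatar fetch is reported at low severity only because it touched /v1/users/image with a path parameter. The double unquote is deliberate: a single decode misses %252e-style double encoding, which is a common way to slip past naive pattern matches.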
