CVE-2025-53505

5.3 MEDIUM

📋 TL;DR

Group-Office versions before 6.8.119 and 25.0.20 contain a path traversal vulnerability that allows attackers to access files outside the intended directory. This affects all servers running vulnerable Group-Office installations, potentially exposing sensitive server information.

💻 Affected Systems

Products:
  • Group-Office
Versions: All versions prior to 6.8.119 and prior to 25.0.20
Operating Systems: All platforms running Group-Office
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations of affected versions are vulnerable. No special configuration required for exploitation.


⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server file system disclosure including configuration files, credentials, and sensitive data, leading to full system compromise.

🟠 Likely Case: Partial file system access exposing web-accessible files, configuration details, and potentially sensitive application data.

🟢 If Mitigated: Limited exposure of non-critical files due to proper file permissions and directory restrictions.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires understanding of path traversal techniques and knowledge of the target system's file structure.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.8.119 or 25.0.20

Vendor Advisory: https://www.group-office.com/

Restart Required: No

Instructions:

1. Backup your Group-Office installation and database.
2. Download the patched version from the official website.
3. Replace the vulnerable files with the patched version.
4. Verify the installation is working correctly.

🔧 Temporary Workarounds

Restrict file access permissions (all)

Set strict file permissions on sensitive directories and files to limit what can be accessed even if traversal is attempted.

chmod 750 /path/to/group-office/
chown www-data:www-data /path/to/group-office/

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block path traversal patterns
  • Isolate Group-Office server from sensitive systems and implement network segmentation

🔍 How to Verify

Check if Vulnerable:

Check your Group-Office version number in the admin interface or by examining the installation files.

Check Version:

Check the version.php file in the Group-Office installation directory or use the admin dashboard.

Verify Fix Applied:

Confirm version is 6.8.119 or higher (for version 6.x) or 25.0.20 or higher (for version 25.x). Test file access attempts to verify they are blocked.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed file access attempts with '../' patterns
  • Unusual file access patterns in web server logs

Network Indicators:

  • HTTP requests containing '../' sequences in URLs or parameters

SIEM Query:

source="web_server_logs" AND (url="*../*" OR parameters="*../*")
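The SIEM query above only matches a literal '../', so URL-encoded (`%2e%2e%2f`) and double-encoded variants slip past it. The following Python script is an added example, not code from this page or from Group-Office: it scans constructed access-log lines and flags traversal attempts after percent-decoding them. The request path, `r=` route and `path=` parameter in the sample lines are invented for illustration and are not Group-Office's real endpoints.

```python
import re
from typing import Dict, List
from urllib.parse import unquote

# Constructed sample access-log lines (not real traffic; endpoint names are invented).
SAMPLE_LOG = """\
203.0.113.10 - - [01/Jul/2025:10:00:01 +0000] "GET /index.php?r=core/download&path=../../../../etc/passwd HTTP/1.1" 200 1834
203.0.113.10 - - [01/Jul/2025:10:00:02 +0000] "GET /index.php?r=core/download&path=..%2F..%2Fconfig.php HTTP/1.1" 200 512
203.0.113.10 - - [01/Jul/2025:10:00:03 +0000] "GET /index.php?r=core/download&path=%252e%252e%252fconfig.php HTTP/1.1" 404 231
198.51.100.7 - - [01/Jul/2025:10:00:04 +0000] "GET /index.php?r=core/download&path=reports/2025.pdf HTTP/1.1" 200 9921
198.51.100.7 - - [01/Jul/2025:10:00:05 +0000] "GET /index.php?r=files/list&path=..docs HTTP/1.1" 200 300
"""

# A '..' segment: not preceded by a word char or another dot, followed by '/' or end of string.
TRAVERSAL = re.compile(r"(?<![\w.])\.\.(?:/|$)")

# Common Log Format: client IP, timestamp, request line, status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def normalize(raw: str) -> str:
    """Percent-decode up to twice (catches %2e%2e%2f and %252e%252e%252f) and
    fold backslashes to forward slashes so Windows-style attempts match too."""
    s = raw
    for _ in range(2):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s.replace("\\", "/")


def is_traversal(request_target: str) -> bool:
    """True if the path or any query value contains a '..' segment after decoding."""
    return bool(TRAVERSAL.search(normalize(request_target)))


def scan_log(text: str) -> List[Dict]:
    """Return one record per log line whose request target looks like traversal."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m and is_traversal(m.group("target")):
            hits.append({"ip": m.group("ip"), "status": int(m.group("status")), "target": m.group("target")})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(hit)
```

A 200 status on a flagged request deserves a closer look than a 404, since it suggests the server actually returned the requested file.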
