CVE-2025-58755
📋 TL;DR
This vulnerability in MONAI allows path traversal attacks through malicious ZIP files. When MONAI processes compressed files using extractall(), attackers can overwrite arbitrary system files. This affects all MONAI users who process ZIP files from untrusted sources.
💻 Affected Systems
- MONAI (Medical Open Network for AI)
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise through overwriting critical system files, potentially leading to remote code execution and data destruction.
Likely Case
Local file overwrite leading to data corruption, denial of service, or privilege escalation depending on file locations.
If Mitigated
Limited to application directory damage if proper sandboxing and file permission controls are implemented.
🎯 Exploit Status
No known exploits in the wild at publication time, but exploitation is trivial for attackers with ZIP file creation capabilities.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: None available as of publication
Vendor Advisory: https://github.com/Project-MONAI/MONAI/security/advisories/GHSA-x6ww-pf9m-m73m
Restart Required: No
Instructions:
No official patch available. Monitor MONAI GitHub repository for security updates and patch immediately when released.
🔧 Temporary Workarounds
Implement ZIP file validation
Validate ZIP file contents before extraction to ensure no path traversal attempts.
```python
# Python example to check for path traversal
import os
import zipfile

with zipfile.ZipFile('file.zip') as zf:
    for name in zf.namelist():
        # Normalise separators, then reject absolute names and any '..' path component
        parts = name.replace('\\', '/').split('/')
        if parts[0] == '' or os.path.isabs(name) or '..' in parts:
            raise ValueError('Path traversal detected')
```
Use safe extraction directory
Extract to a temporary, isolated directory with restricted permissions.
```python
# Python example using temp directory
import os
import tempfile
import zipfile

with tempfile.TemporaryDirectory() as tmpdir:
    with zipfile.ZipFile('file.zip') as zf:
        # The temp directory limits the blast radius, but is not a substitute
        # for validating member names before extraction.
        zf.extractall(tmpdir)
    # Process files from tmpdir only
```
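Combining both workarounds into one routine, as an added example that is not part of the advisory or the MONAI project: every member name is resolved against the real destination directory before anything is written, which catches `../` sequences, absolute names and backslash separators alike, and a hostile archive is rejected without extracting a single file. The archive contents and the `build_zip` helper are constructed here for demonstration.

```python
import io
import os
import zipfile


def find_unsafe_members(zip_bytes: bytes, dest_dir: str) -> list[str]:
    """Return every archive member whose extracted path would fall outside dest_dir."""
    dest_root = os.path.realpath(dest_dir)
    unsafe = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            rel = name.replace("\\", "/")  # tolerate Windows-style separators
            # os.path.join discards dest_root when rel is absolute and realpath
            # collapses '..' components, so both escape styles are compared on equal terms.
            target = os.path.realpath(os.path.join(dest_root, rel))
            if os.path.commonpath([dest_root, target]) != dest_root:
                unsafe.append(name)
    return unsafe


def safe_extract(zip_bytes: bytes, dest_dir: str) -> list[str]:
    """Validate the whole archive first (so a hostile ZIP writes nothing), then extract."""
    bad = find_unsafe_members(zip_bytes, dest_dir)
    if bad:
        raise ValueError(f"path traversal detected in archive members: {bad}")
    dest_root = os.path.realpath(dest_dir)
    written = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            rel = info.filename.replace("\\", "/")
            target = os.path.join(dest_root, rel)
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(rel)
    return written


def build_zip(members: dict[str, bytes]) -> bytes:
    """Build a ZIP in memory from constructed sample members (not real MONAI data)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in members.items():
            zf.writestr(name, data)
    return buf.getvalue()
```

Because validation runs over the full member list before the first write, a benign-looking entry sitting next to a traversal entry in the same archive is not extracted either.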
🧯 If You Can't Patch
- Disable ZIP file processing from untrusted sources entirely
- Implement strict file permission controls and run MONAI with minimal privileges
🔍 How to Verify
Check if Vulnerable:
Check the MONAI version with: python -c "import monai; print(monai.__version__)" and verify whether it is ≤1.5.0
Check Version:
```
python -c "import monai; print(monai.__version__)"
```
Verify Fix Applied:
When a patch is available, update MONAI and test with malicious ZIP files containing path traversal payloads
📡 Detection & Monitoring
Log Indicators:
- Unexpected file overwrites in system directories
- MONAI process accessing files outside expected directories
- Errors from failed path traversal attempts
Network Indicators:
- Downloads of ZIP files followed by file system changes outside application directory
SIEM Query:
```
Process:monai AND (FileCreate:*\\..\\* OR FileCreate:*\\..\\..\\*)
```