CVE-2025-65075 – This vulnerability allows high-privileged attac... (How to Fix)

Q: What is the severity of CVE-2025-65075?

CVE-2025-65075 has a CVSS score of 6.5 (MEDIUM). This vulnerability allows high-privileged attackers to perform path traversal attacks through the alog script in WaveView client, enabling file read/delete operations on the WaveStore Server with dvr user permissions. It affects WaveView client users connecting to vulnerable WaveStore Servers. The issue requires attacker access to high-privilege accounts.

📋 TL;DR

This vulnerability allows high-privileged attackers to perform path traversal attacks through the alog script in WaveView client, enabling file read/delete operations on the WaveStore Server with dvr user permissions. It affects WaveView client users connecting to vulnerable WaveStore Servers. The issue requires attacker access to high-privilege accounts.

💻 Affected Systems

Products:

WaveView client
WaveStore Server

Versions: All versions before 6.44.44

Operating Systems: Windows, Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Requires WaveView client with high-privilege access to WaveStore Server. The dvr user permissions determine impact scope.

📦 What is this software?

Video Management Software Server by Wavestore

View all CVEs affecting Video Management Software Server →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete compromise of dvr user files on server including sensitive configuration files, video recordings, and system files leading to data destruction or exfiltration.

🟠

Likely Case

Unauthorized access to and deletion of video recordings and log files, potentially disrupting surveillance operations.

🟢

If Mitigated

Limited impact due to proper privilege separation and network segmentation restricting attacker access.

🌐 Internet-Facing: MEDIUM - Requires high-privilege credentials but could be exploited if management interfaces are exposed.

🏢 Internal Only: HIGH - Internal attackers with administrative access can easily exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Exploitation requires high-privilege credentials but uses simple path traversal techniques once authenticated.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.44.44

Vendor Advisory: https://www.wavestore.com/products/video-management-software

Restart Required: Yes

Instructions:

1. Download WaveView version 6.44.44 from official vendor site. 2. Install update on all WaveView clients. 3. Restart WaveView services. 4. Verify server connections are functioning.

🔧 Temporary Workarounds

Restrict alog script permissions

linux

Remove execute permissions from alog script or restrict to specific trusted users

chmod 644 /path/to/alog_script
chown root:root /path/to/alog_script

Implement strict input validation

all

Add path traversal validation in WaveView client configuration

🧯 If You Can't Patch

Implement strict access controls limiting high-privilege accounts to essential personnel only
Segment network to isolate WaveStore Server from general user networks and implement firewall rules

🔍 How to Verify

Check if Vulnerable:

Check WaveView client version and verify if below 6.44.44. Review user privilege assignments for WaveView access.

Check Version:

waveview --version or check About dialog in WaveView GUI

Verify Fix Applied:

Confirm WaveView client version is 6.44.44 or higher. Test alog script functionality with path traversal attempts.

📡 Detection & Monitoring

Log Indicators:

Unusual file access patterns by dvr user
Multiple failed path traversal attempts in application logs
Unexpected file deletion events

Network Indicators:

Abnormal WaveView client to server communication patterns
Unexpected file transfer activities

SIEM Query:

source="waveview.log" AND ("path traversal" OR "../" OR "..\") AND user="dvr"

📊 Metadata

CVE ID: CVE-2025-65075

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

CWE: CWE-22

EPSS Score: 0.06% exploit probability (19.5th percentile)

Published: December 16, 2025

Last Updated: December 22, 2025

🔗 References

https://cert.pl/en/posts/2025/12/CVE-2025-65074 Third Party Advisory
https://www.wavestore.com/products/video-management-software Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-65075, you might also want to check these: