CVE-2025-65952
📋 TL;DR
A path traversal vulnerability in Console (a network control system for Gorilla Tag mods) allows attackers to escape the intended directory structure using complex combinations of backslashes and periods. This enables unauthorized file writes to arbitrary directories on the system. Users of Console versions before 2.8.0 are affected.
💻 Affected Systems
- Console (Gorilla Tag mod control network)
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise through arbitrary file writes, potentially leading to remote code execution, data destruction, or privilege escalation.
Likely Case
Unauthorized file modification or creation in sensitive directories, potentially disrupting Gorilla Tag mod functionality or compromising user data.
If Mitigated
Limited impact with proper file system permissions and restricted user access, though vulnerability still exists.
🎯 Exploit Status
Exploitation requires access to Console's mod control interface but uses simple path traversal techniques once access is obtained.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.8.0
Vendor Advisory: https://github.com/iiDk-the-actual/Console/security/advisories/GHSA-c3f7-xh45-2xc7
Restart Required: Yes
Instructions:
1. Download Console version 2.8.0 or later from the official repository. 2. Stop the Console service. 3. Replace existing Console installation with the patched version. 4. Restart the Console service.
🔧 Temporary Workarounds
Restrict file system permissions
allLimit Console's write permissions to only necessary directories using operating system access controls.
Input validation at proxy
allImplement input validation for path parameters at network boundary before reaching Console.
🧯 If You Can't Patch
- Implement strict file system permissions to limit Console's write access to only essential directories
- Monitor for unusual file system activity from Console processes and implement network segmentation
🔍 How to Verify
Check if Vulnerable:
Check Console version using the version command or configuration file. If version is below 2.8.0, the system is vulnerable.Check Version:
Check Console configuration or use the Console interface's version commandVerify Fix Applied:
After updating, verify Console version is 2.8.0 or higher and test that path traversal attempts are properly blocked.📡 Detection & Monitoring
Log Indicators:
- Unusual file write operations from Console process
- Path traversal patterns in Console access logs
- Failed directory escape attempts in logs
Network Indicators:
- Unusual file transfer patterns from Console network traffic
- Multiple failed path manipulation attempts
SIEM Query:
Process:Console AND (FileWrite:*\..\* OR FileWrite:*../*)