CVE-2025-66221

5.3 MEDIUM

📋 TL;DR

This vulnerability in Werkzeug's safe_join function allows attackers to cause denial of service by requesting paths ending with Windows device names (like CON, AUX). When exploited on Windows systems, it causes the file reading operation to hang indefinitely. Only applications running on Windows using Werkzeug's send_from_directory function are affected.

💻 Affected Systems

Products:
  • Werkzeug
Versions: All versions prior to 3.1.4
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects applications using send_from_directory function on Windows. Linux/macOS systems are not vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete denial of service for the affected endpoint, potentially causing application unavailability and resource exhaustion.

🟠 Likely Case

Temporary service disruption for specific file-serving endpoints, requiring manual intervention to restart affected processes.

🟢 If Mitigated

Minimal impact with proper monitoring and process management that can detect and restart hung processes.

🌐 Internet-Facing: MEDIUM - Exploitable via HTTP requests but requires specific path manipulation and Windows platform.
🏢 Internal Only: LOW - Requires internal network access and knowledge of vulnerable endpoints.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires crafting HTTP requests with specific path parameters ending in Windows device names.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.1.4

Vendor Advisory: https://github.com/pallets/werkzeug/security/advisories/GHSA-hgf8-39gv-g3f2

Restart Required: Yes

Instructions:

1. Update Werkzeug to version 3.1.4 or later using pip: pip install --upgrade "werkzeug>=3.1.4" (the quotes stop the shell from treating >= as an output redirection)
2. Restart your application server
3. Verify the update was successful

🔧 Temporary Workarounds

Input Validation Filter (platform: windows)

Add middleware to filter out requests containing Windows device names in paths.

Implement request filtering before send_from_directory calls.
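An added example of the request filter described above, not code from the Werkzeug project or from this advisory: a standard-library WSGI middleware that answers 400 when any segment of the request path is a Windows reserved device name, including a name carrying an extension such as CON.txt, which Windows also maps to the device. The reserved-name list is the one given under Log Indicators; the class and function names are assumptions.

```python
import re
from urllib.parse import unquote

# Windows reserved device names (the set named under Log Indicators).
# On Windows, "CON.txt" or "con " still resolve to the device, so the check
# compares each segment's base name, stripped and upper-cased.
RESERVED_DEVICE_NAMES = (
    {"CON", "PRN", "AUX", "NUL"}
    | {f"COM{i}" for i in range(1, 10)}
    | {f"LPT{i}" for i in range(1, 10)}
)


def has_reserved_device_name(path: str) -> bool:
    """True if any segment of the URL-decoded path names a Windows device."""
    for segment in re.split(r"[\\/]+", unquote(path)):
        base = segment.split(".", 1)[0].strip().upper()
        if base in RESERVED_DEVICE_NAMES:
            return True
    return False


class ReservedDeviceNameFilter:
    """WSGI middleware (hypothetical name) that rejects the request before the
    wrapped application, and therefore send_from_directory, ever runs."""

    def __init__(self, app):
        self.app = app

    def __call__(self, environ, start_response):
        if has_reserved_device_name(environ.get("PATH_INFO", "")):
            body = b"Bad Request: reserved device name in path\n"
            start_response("400 Bad Request", [
                ("Content-Type", "text/plain"),
                ("Content-Length", str(len(body))),
            ])
            return [body]
        return self.app(environ, start_response)


def filter_status(path: str) -> str:
    """Run the middleware over a trivial 200 app for one path; return the status."""
    def ok_app(environ, start_response):
        start_response("200 OK", [("Content-Type", "text/plain")])
        return [b"ok"]

    seen = []
    ReservedDeviceNameFilter(ok_app)({"PATH_INFO": path}, lambda s, h: seen.append(s))
    return seen[0]
```

Wrap the WSGI application (for Flask, app.wsgi_app = ReservedDeviceNameFilter(app.wsgi_app)) so the check runs before routing; the filter is a stopgap, not a substitute for upgrading to 3.1.4.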

Platform Migration (platform: all)

Deploy application on Linux/macOS instead of Windows.

🧯 If You Can't Patch

  • Implement WAF rules to block requests containing Windows device names in URL paths
  • Add monitoring and alerting for hung processes with automatic restart mechanisms

🔍 How to Verify

Check if Vulnerable:

Check if running Werkzeug <3.1.4 on Windows and using send_from_directory function

Check Version:

python -c "import werkzeug; print(werkzeug.__version__)"

Verify Fix Applied:

Verify Werkzeug version is 3.1.4 or higher and test file serving with previously problematic paths

📡 Detection & Monitoring

Log Indicators:

  • Repeated requests to paths ending with CON, AUX, PRN, NUL, COM1-COM9, LPT1-LPT9
  • Unusually long file serving response times

Network Indicators:

  • HTTP requests with Windows device names in URL paths
  • Hanging HTTP connections to file serving endpoints

SIEM Query:

source="web_logs" AND (url="*CON" OR url="*AUX" OR url="*PRN" OR url="*NUL" OR url="*COM[1-9]" OR url="*LPT[1-9]")

Note that a trailing wildcard such as url="*CON" also matches paths that merely end in those letters (for example /icon), and not every SIEM's wildcard syntax understands the [1-9] character class, so adapt the query to your platform and expect to triage false positives.

🔗 References
