CVE-2025-67487
📋 TL;DR
This vulnerability in Static Web Server (SWS) lets an attacker who can create files inside the web root plant a symbolic link whose target lies outside it; SWS then serves the link target, exposing files elsewhere on the server. All SWS versions up to and including 2.40.0 are affected. Exploitation requires write access to the served directory, so the bug turns an existing ability to create files into an ability to read arbitrary files the SWS process can access.
💻 Affected Systems
- Static Web Server (SWS)
📦 What is this software?
Static Web Server (SWS), maintained by the Static Web Server project (github.com/static-web-server/static-web-server), is a standalone server for static files.
⚠️ Risk & Real-World Impact
Worst Case
Disclosure of any file the SWS process can read, such as /etc/passwd, SSH keys, or configuration files containing credentials; credentials harvested this way can then be used to compromise the server or neighbouring systems. The bug itself is a read primitive, not code execution.
Likely Case
Unauthorized reading of sensitive files outside web root, potentially exposing configuration files, logs, or application data.
If Mitigated
Limited impact if the web root and everything beneath it are not writable by any account an attacker can reach, so no symlink can be planted in the first place.
🎯 Exploit Status
Exploitation requires write access to the web directory first (for example an upload feature, a shared hosting setup, or a separate vulnerability or misconfiguration); once a symlink is in place, triggering the read is a single ordinary HTTP request for the link's path.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.40.1
Vendor Advisory: https://github.com/static-web-server/static-web-server/security/advisories/GHSA-459f-x8vq-xjjm
Restart Required: Yes
Instructions:
1. Stop the SWS service.
2. Update to version 2.40.1 via your package manager or a manual download.
3. Restart the SWS service.
4. Verify the version with 'static-web-server --version'.
🔧 Temporary Workarounds
Restrict web directory permissions
Linux: Prevent unauthorized file creation in the web root directory. These two commands only cover the top-level directory; apply the same ownership and write restrictions to every subdirectory, and make sure SWS itself runs as an unprivileged user (a root-owned, root-run server can still write and follow links).
chmod 755 /path/to/webroot
chown root:root /path/to/webroot
Disable directory listing
All platforms: Hides symlinks from directory listings so an attacker cannot discover them by browsing. This does not stop a request that names the link's path directly, so treat it as a hardening step, not a fix.
Edit SWS config to set 'directory-listing' to false
🧯 If You Can't Patch
- Implement strict file permissions on the web root directory and all of its contents (read-only for the web user, writable only by a deployment account).
- Monitor the web directory for symlink creation and alert on any link whose target resolves outside the web root.
🔍 How to Verify
Check if Vulnerable:
Check the SWS version; anything at or below 2.40.0 is affected. To confirm the behaviour, create a symlink inside the web root that points to a harmless test file you placed outside it (not /etc/passwd on a production host), then request the link's path with a browser or curl: if the test file's contents come back, the server is following the link.
Check Version:
static-web-server --version
Verify Fix Applied:
After patching, requesting a symlink whose target lies outside the web root should fail with a 403 or 404 instead of returning the target's contents; a link whose target stays inside the web root should still be served.
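The "If You Can't Patch" and "How to Verify" items above both come down to the same two filesystem questions: is there a symlink under the web root whose target resolves outside it, and is anything under the web root writable by an account that should not be able to plant one? The script below is an added example written for this page, not code from the SWS project, that answers both offline. It assumes GNU coreutils (for `readlink -f`) and a POSIX shell; the function names are my own.

```shell
#!/bin/sh
# Offline audit of a web root for the two conditions this advisory depends on:
#   1. symlinks that resolve to a path outside the web root, and
#   2. entries an unprivileged user could modify (group- or other-writable).
# Assumes GNU coreutils (readlink -f) on a POSIX sh; paths are resolved so a
# web root that is itself reached through a symlink is compared correctly.

# Print "link -> target" for every symlink under $1 whose resolved target is
# not inside the (resolved) web root. Dangling links are reported as well,
# since an attacker can point them at a file that appears later.
find_escaping_symlinks() (
    root=$(readlink -f -- "$1") || return 2
    find "$root" -type l | while IFS= read -r link; do
        if target=$(readlink -f -- "$link" 2>/dev/null); then
            case "$target" in
                "$root"|"$root"/*) ;;                        # stays inside: fine
                *) printf '%s -> %s\n' "$link" "$target" ;;  # escapes: report
            esac
        else
            printf '%s -> (dangling)\n' "$link"
        fi
    done
)

# Print files and directories under $1 that are writable by group or others.
# Symlinks are skipped on purpose: their own mode bits are always 777 on Linux
# and say nothing about who can replace them.
find_loose_permissions() (
    find "$1" ! -type l \( -perm -g+w -o -perm -o+w \)
)

# Convenience wrapper: number of escaping symlinks (0 means clean).
count_escaping_symlinks() {
    find_escaping_symlinks "$1" | wc -l | tr -d ' '
}

# Usage: sh audit.sh /path/to/webroot
if [ -n "$1" ]; then
    echo "== symlinks escaping $1 =="
    find_escaping_symlinks "$1"
    echo "== entries writable by group/others =="
    find_loose_permissions "$1"
fi
```

Run it from cron or a file-integrity job against the served directory; a non-zero count from `count_escaping_symlinks` is the alert condition for the monitoring item above, and any output from `find_loose_permissions` means the permission workaround is incomplete. Before patching, a link it reports is exactly what the server would follow; after patching, it tells you what the server is now refusing to serve.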
📡 Detection & Monitoring
Log Indicators:
- 403 responses for paths inside the web root that are symlinks (only after the patch; before it, a successful read looks like an ordinary 200 for an in-root path)
- File creation events, and symlink creation in particular, inside the web root directory
Network Indicators:
- HTTP requests attempting to access known sensitive file paths
SIEM Query:
web_access_logs status=403 AND (uri CONTAINS '..' OR uri IN sensitive_file_names)
Note the grouping: without the parentheses the OR would match every request for a sensitive file name regardless of status. Also, a symlink escape needs no '..' in the URI, because the requested path is a legitimate entry inside the web root; pair this query with filesystem monitoring rather than relying on it alone.
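The SIEM query above, run as a shell filter over a few constructed access-log lines, as an added example for this page (not SWS's own logging or any vendor query). The sample log is in Common Log Format, which is an assumption: SWS's own access log layout may differ, in which case the awk field numbers need adjusting. The last sample line shows the limitation noted above: the request that actually reads through a planted symlink carries no '..' and no sensitive name, so it is not flagged.

```shell
#!/bin/sh
# Constructed sample access log in Common Log Format (assumption: a CLF-style
# log; field 7 is the request path and field 9 the status code).
SAMPLE_LOG='10.0.0.5 - - [01/Jan/2025:10:00:00 +0000] "GET /index.html HTTP/1.1" 200 512
10.0.0.9 - - [01/Jan/2025:10:00:01 +0000] "GET /../../etc/passwd HTTP/1.1" 403 0
10.0.0.9 - - [01/Jan/2025:10:00:02 +0000] "GET /%2E%2E/%2E%2E/etc/shadow HTTP/1.1" 404 0
10.0.0.7 - - [01/Jan/2025:10:00:03 +0000] "GET /css/site.css HTTP/1.1" 200 90
10.0.0.9 - - [01/Jan/2025:10:00:04 +0000] "GET /uploads/leak HTTP/1.1" 200 2048'

# Print log lines (read from stdin) whose request path looks like a traversal
# attempt or names a well-known sensitive file. An optional first argument
# restricts the output to one status code, e.g. 403 for blocked attempts.
# Matching is case-insensitive and catches percent-encoded dots.
flag_suspicious_requests() {
    awk -v want="$1" '
    {
        path   = tolower($7)
        status = $9
        if (want != "" && status != want) next
        traversal = (index(path, "..") > 0 || index(path, "%2e%2e") > 0)
        sensitive = (path ~ "/etc/(passwd|shadow)|/\\.ssh/|\\.env$|\\.pem$|id_rsa")
        if (traversal || sensitive) print
    }'
}

# Usage: the two forms of the page's query, with and without the status filter.
if [ -z "$SUPPRESS_DEMO" ]; then
    echo "== any status =="
    printf '%s\n' "$SAMPLE_LOG" | flag_suspicious_requests
    echo "== 403 only =="
    printf '%s\n' "$SAMPLE_LOG" | flag_suspicious_requests 403
fi
```

Feed a real log with `flag_suspicious_requests < access.log` (or `tail -f access.log | flag_suspicious_requests`). The `/uploads/leak` request slips through by design: it is what a symlink read looks like on the wire, which is why the symlink audit of the web root, not the access log, is the primary detection for this issue.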