CVE-2025-67845

6.4 MEDIUM

📋 TL;DR

A directory traversal vulnerability in Mintlify Platform's static asset proxy endpoint allows attackers to inject malicious web scripts or HTML via crafted URLs containing path traversal sequences. This affects all Mintlify Platform instances before November 15, 2025. Attackers can potentially execute arbitrary code in users' browsers or deface websites.

💻 Affected Systems

Products:
  • Mintlify Platform
Versions: All versions before 2025-11-15
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the static asset proxy endpoint specifically; requires the endpoint to be accessible.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution via malicious script injection leading to complete system compromise, data theft, or ransomware deployment.

🟠 Likely Case

Cross-site scripting (XSS) attacks resulting in session hijacking, credential theft, or website defacement.

🟢 If Mitigated

Limited impact with proper input validation and output encoding, potentially only causing minor service disruption.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires crafting URLs with path traversal sequences; references suggest public discussion and analysis.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions from 2025-11-15 onward

Vendor Advisory: https://www.mintlify.com/blog/working-with-security-researchers-november-2025

Restart Required: Yes

Instructions:

1. Update Mintlify Platform to a version dated 2025-11-15 or later.
2. Restart the platform service.
3. Verify the fix using the verification steps below.

🔧 Temporary Workarounds

Disable Static Asset Proxy Endpoint (applies to: all)

Temporarily disable the vulnerable endpoint if it is not required. Consult the Mintlify documentation for endpoint configuration.

Implement WAF Rules (applies to: all)

Add web application firewall rules to block path traversal sequences, i.e. a rule that blocks URLs containing '../', '..\\', or similar sequences.

🧯 If You Can't Patch

  • Implement strict input validation to reject path traversal sequences in URLs.
  • Deploy a reverse proxy with security filtering to sanitize requests before reaching Mintlify.

🔍 How to Verify

Check if Vulnerable:

Test by accessing the static asset proxy endpoint with a crafted URL containing path traversal sequences (e.g., '/proxy/../malicious.js').

Check Version:

Check Mintlify Platform version via admin interface or configuration files.

Verify Fix Applied:

After patching, retest with the same crafted URL; it should return an error or be blocked.

📡 Detection & Monitoring

Log Indicators:

  • Log entries showing access to static asset proxy with unusual path sequences (e.g., '../', '..\\').
  • Increased error rates or 400/403 responses from the proxy endpoint.

Network Indicators:

  • HTTP requests to the proxy endpoint with path traversal patterns in URLs.
  • Unusual traffic spikes to the endpoint from external IPs.

SIEM Query:

source="mintlify_logs" AND uri="/proxy/*" AND (uri CONTAINS "../" OR uri CONTAINS "..\\")
