CVE-2025-69620 – A path traversal vulnerability in Moo Chan Song... (How to Fix)

Q: What is the severity of CVE-2025-69620?

CVE-2025-69620 has a CVSS score of 5.0 (MEDIUM). A path traversal vulnerability in Moo Chan Song v4.5.7 allows attackers to write arbitrary files to internal storage, potentially causing Denial of Service (DoS) by filling disk space or corrupting critical files. This affects all systems running the vulnerable version of Moo Chan Song software. Attackers could disrupt service availability without authentication.

📋 TL;DR

A path traversal vulnerability in Moo Chan Song v4.5.7 allows attackers to write arbitrary files to internal storage, potentially causing Denial of Service (DoS) by filling disk space or corrupting critical files. This affects all systems running the vulnerable version of Moo Chan Song software. Attackers could disrupt service availability without authentication.

💻 Affected Systems

Products:

Moo Chan Song

Versions: v4.5.7

Operating Systems: All platforms running Moo Chan Song

Default Config Vulnerable: ⚠️ Yes

Notes: All deployments of version 4.5.7 are vulnerable unless specifically hardened against path traversal.

📦 What is this software?

Office Reader by Ntoolslab

View all CVEs affecting Office Reader →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system unavailability due to disk exhaustion, critical file corruption, or service crash, potentially requiring system restoration from backups.

🟠

Likely Case

Service disruption through disk space consumption, degraded performance, or temporary unavailability until files are cleaned up.

🟢

If Mitigated

Limited impact with proper file permission controls, disk quotas, and monitoring in place to detect abnormal file writes.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes

Weaponized: LIKELY

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Path traversal vulnerabilities are typically easy to exploit with publicly available tools. The GitHub reference suggests proof-of-concept exists.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None provided in references

Restart Required: Yes

Instructions:

1. Check vendor website for security updates. 2. Apply patch if available. 3. Restart Moo Chan Song service. 4. Verify fix by testing path traversal attempts.

🔧 Temporary Workarounds

Restrict File Write Permissions

linux

Limit the directories where Moo Chan Song can write files using OS-level permissions.

chmod 750 /path/to/moochan/data
chown moochan:restricted_group /path/to/moochan/data

Implement Input Validation

all

Add path traversal validation in web server or application firewall configuration.

# Example nginx location block with path validation
location ~ "\.\./" { deny all; }

🧯 If You Can't Patch

Upgrade to a newer version if available, or migrate to alternative software.
Implement strict network segmentation and limit access to Moo Chan Song to trusted sources only.

🔍 How to Verify

Check if Vulnerable:

Check if Moo Chan Song version is 4.5.7. Attempt to write a test file using path traversal payloads like '../../test.txt'.

Check Version:

Check application configuration files or use 'moochan --version' if available.

Verify Fix Applied:

After applying workarounds or patch, retest path traversal attempts and verify they are blocked. Monitor file system for unauthorized writes.

📡 Detection & Monitoring

Log Indicators:

Unusual file write patterns in application logs
Multiple failed path traversal attempts
Disk space alerts from monitoring systems

Network Indicators:

HTTP requests containing '../' patterns
Abnormal traffic to file upload endpoints

SIEM Query:

source="moochan.log" AND ("../" OR "..\\" OR "%2e%2e%2f")

📊 Metadata

CVE ID: CVE-2025-69620

CVSS v3 Score: 5.0 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

CWE: CWE-22

EPSS Score: 0.01% exploit probability (0.3th percentile)

Published: February 4, 2026

Last Updated: February 11, 2026

🔗 References

http://office.com Not Applicable
http://www.ntoolslab.com/ Product
https://github.com/Secsys-FDU/AF_CVEs/issues/11 Exploit,Third Party Advisory
https://secsys.fudan.edu.cn/ Not Applicable

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-69620, you might also want to check these: