CVE-2025-10472: Path Traversal in harry0703 MoneyPrinterTurbo
A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function download_video/stream_video of the file app/controllers/v1/video.py of the component URL Handler. The manipulation of the argument file_path leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
AI Analysis
Technical Summary
CVE-2025-10472 is a path traversal vulnerability identified in the MoneyPrinterTurbo application developed by harry0703, affecting versions 1.2.0 through 1.2.6. The vulnerability exists in the URL Handler component, specifically within the download_video and stream_video functions located in the app/controllers/v1/video.py file. The flaw arises from improper validation or sanitization of the file_path argument, which an attacker can manipulate to traverse directories outside the intended file system path. This allows remote attackers to access arbitrary files on the server hosting the application. Since the vulnerability can be exploited remotely without requiring authentication or user interaction, it poses a significant risk. The CVSS 4.0 base score is 6.9 (medium severity), reflecting the ease of exploitation (low attack complexity), no privileges required, and no user interaction needed. The impact primarily concerns confidentiality, as unauthorized file access could expose sensitive data; integrity and availability impacts are minimal or absent. Although no exploitation in the wild has been observed so far, the public disclosure of the vulnerability increases the likelihood of exploitation attempts. No official patches or mitigations have been linked yet, so affected users need to take proactive defensive measures.
Potential Impact
For European organizations using MoneyPrinterTurbo versions 1.2.0 to 1.2.6, this vulnerability could lead to unauthorized disclosure of sensitive internal files, including configuration files, credentials, or proprietary data. Such exposure could facilitate further attacks, including lateral movement, privilege escalation, or data exfiltration. Organizations in finance, media, or any sector relying on video streaming or download functionalities integrated with MoneyPrinterTurbo are particularly at risk. The ability to exploit this remotely without authentication increases the threat surface, especially for internet-facing deployments. Data privacy regulations such as GDPR impose strict requirements on protecting personal and sensitive data; a breach resulting from this vulnerability could lead to regulatory penalties and reputational damage. Additionally, attackers might leverage accessed files to craft targeted phishing or social engineering campaigns against European entities.
Mitigation Recommendations
1. Immediate mitigation should involve restricting access to the download_video and stream_video endpoints via network-level controls such as firewalls or web application firewalls (WAFs) to limit exposure to trusted IP ranges.
2. Implement input validation and sanitization on the file_path parameter to disallow directory traversal sequences (e.g., '..', absolute paths).
3. Employ allowlisting of permissible file paths or names to ensure only intended files can be accessed.
4. Monitor application logs for suspicious requests containing traversal patterns and set up alerts.
5. If possible, isolate the application environment with least privilege file system permissions to limit the impact of unauthorized file access.
6. Engage with the vendor or community to obtain patches or updates addressing this vulnerability and apply them promptly once available.
7. Conduct a thorough audit of exposed files and credentials to assess potential compromise and rotate secrets if necessary.
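The check that items 2 and 3 call for, written as an added example rather than MoneyPrinterTurbo's own code: the user-supplied path is joined to a fixed storage root, resolved, and refused unless the result still lies inside that root and carries an allowlisted media extension. The storage directory, the extension allowlist and the function names are assumptions, not taken from the project.

```python
"""Added example (not MoneyPrinterTurbo's own code): containment and allowlist
checks for a user-supplied file_path before a file is streamed or downloaded."""
from pathlib import Path

# Assumed storage root; the real application's directory layout is not known here.
TASKS_DIR = Path("/srv/app/storage/tasks")
# Assumed allowlist of file types the endpoint is meant to serve (mitigation item 3).
ALLOWED_SUFFIXES = {".mp4", ".mp3", ".srt"}


class UnsafePathError(ValueError):
    """Raised when a requested path would escape the storage root or is not allowlisted."""


def resolve_safe_path(user_path: str, base_dir: Path = TASKS_DIR) -> Path:
    """Map a relative request path onto base_dir, refusing anything that escapes it.

    Containment is checked on the *resolved* path, so '..' segments and symlinks
    that point outside the root are both rejected, not just the literal '..' text.
    """
    # Reject absolute paths outright: Path(base) / "/etc/passwd" would discard base.
    if Path(user_path).is_absolute() or user_path.startswith(("/", "\\")):
        raise UnsafePathError("absolute paths are not allowed")
    base = base_dir.resolve()
    # resolve() is non-strict, so the check also works for files that do not exist.
    candidate = (base / user_path).resolve()
    try:
        candidate.relative_to(base)  # raises ValueError when candidate is outside base
    except ValueError:
        raise UnsafePathError("path escapes storage root") from None
    if candidate.suffix.lower() not in ALLOWED_SUFFIXES:
        raise UnsafePathError(f"disallowed file type: {candidate.suffix!r}")
    return candidate


def is_safe(user_path: str, base_dir: Path = TASKS_DIR) -> bool:
    """True when the path would be served, False when the handler should return 4xx."""
    try:
        resolve_safe_path(user_path, base_dir)
        return True
    except UnsafePathError:
        return False


if __name__ == "__main__":
    # Constructed sample inputs: one legitimate request, three that must be refused.
    for p in ("task-123/final.mp4", "../../etc/passwd", "/etc/passwd", "task-123/notes.txt"):
        print(f"{p!r:35} -> {'serve' if is_safe(p) else 'refuse'}")
```

In a FastAPI or Flask handler the resolved path, not the raw parameter, is what gets passed to the file-serving response; the 4xx branch is also the natural place to emit the log event that mitigation item 4 asks you to alert on.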
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-09-15T10:01:59.424Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68c85d5defcb880aa9e16334
Added to database: 9/15/2025, 6:39:25 PM
Last enriched: 9/15/2025, 6:39:57 PM
Last updated: 9/18/2025, 12:10:45 AM