CVE-2025-11913: Path Traversal in Shenzhen Ruiming Technology Streamax Crocus
A vulnerability has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected by this vulnerability is the function Download of the file /Service.do?Action=Download. Manipulation of the argument Path leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
AI Analysis
Technical Summary
CVE-2025-11913 identifies a path traversal vulnerability in Shenzhen Ruiming Technology's Streamax Crocus software version 1.3.40. The vulnerability resides in the Download function accessible via the endpoint /Service.do?Action=Download, where the Path parameter is insufficiently sanitized. This allows an attacker to manipulate the Path argument to traverse directories outside the intended file scope, potentially accessing arbitrary files on the server's filesystem. The vulnerability is remotely exploitable over the network without requiring authentication or user interaction, increasing its risk profile. The CVSS 4.0 score is 5.3 (medium), reflecting the ease of exploitation but limited impact on integrity and availability. The vendor was contacted but has not issued a patch or mitigation guidance. The public disclosure of an exploit means attackers can leverage this vulnerability to access sensitive configuration files, credentials, or other critical data stored on affected systems. This could lead to information disclosure, further compromise, or lateral movement within networks. The affected product is primarily used in video surveillance and security monitoring, making confidentiality breaches particularly sensitive. No known active exploitation in the wild has been reported yet, but the presence of a public exploit increases the urgency for defensive measures.
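As an added illustration of the defect class described above (this is not code from Streamax, from Crocus, or from the advisory), the following Python contrasts a handler that joins the client-supplied Path onto its download root without any check with a hardened form that canonicalizes the result and requires it to stay under that root. The directory layout, file names and the base-directory name are constructed assumptions.

```python
import os
import tempfile
from pathlib import Path

def build_fixture(root):
    # Constructed layout: 'exports' is the directory Download is meant to serve
    # from; 'app.conf' sits one level above it and must never be reachable.
    exports = Path(root) / "exports"
    exports.mkdir()
    (exports / "daily.csv").write_text("constructed report\n")
    (Path(root) / "app.conf").write_text("constructed secret\n")
    return str(exports)

def naive_download_path(base_dir, path_param):
    # The defect pattern the advisory describes: the client-controlled Path
    # is joined onto the base directory with no check on where it ends up.
    return os.path.join(base_dir, path_param)

def safe_download_path(base_dir, path_param):
    # Hardened form: canonicalize (resolves '..' and symlinks), then require
    # the target to be inside base_dir. Absolute Path values are rejected too,
    # because os.path.join discards base_dir when the second part is absolute.
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, path_param))
    if os.path.commonpath([base, target]) != base:
        raise PermissionError(f"Path escapes download root: {path_param!r}")
    if not os.path.isfile(target):
        raise FileNotFoundError(path_param)
    return target

def run_demo():
    # Exercises both variants against the constructed layout and reports
    # which requests each one would have served.
    with tempfile.TemporaryDirectory() as root:
        exports = build_fixture(root)
        naive = naive_download_path(exports, "../app.conf")
        outcome = {
            "naive_serves_file_outside_root": os.path.isfile(naive),
            "safe_allows_daily_csv": os.path.basename(
                safe_download_path(exports, "daily.csv")) == "daily.csv",
        }
        def verdict(p):
            try:
                safe_download_path(exports, p)
                return "served"
            except PermissionError:
                return "rejected"
        outcome["safe_rejects_relative"] = verdict("../app.conf")
        outcome["safe_rejects_absolute"] = verdict(os.path.join(root, "app.conf"))
    return outcome
```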
Potential Impact
For European organizations, especially those in critical infrastructure, public safety, and private security sectors relying on Streamax Crocus 1.3.40, this vulnerability poses a significant confidentiality risk. Unauthorized file access could expose sensitive surveillance footage, configuration files, or credentials, potentially leading to privacy violations or enabling further attacks such as privilege escalation or lateral movement. The lack of vendor response and patch increases exposure duration. Organizations operating in regulated environments (e.g., GDPR) face compliance risks if personal data is exposed. The remote, unauthenticated nature of the exploit means attackers can target exposed systems directly, increasing the attack surface. Disruption to surveillance operations could also indirectly impact physical security. While availability and integrity impacts are limited, the confidentiality breach potential and ease of exploitation make this a notable threat for European entities using this product.
Mitigation Recommendations
1. Immediately restrict network access to the affected Streamax Crocus management interfaces using firewalls or network segmentation, allowing only trusted IPs to connect.
2. Implement strict input validation and filtering at the web application firewall (WAF) level to detect and block path traversal patterns targeting the /Service.do?Action=Download endpoint.
3. Monitor logs for suspicious requests containing directory traversal sequences (e.g., ../) and unusual file access patterns.
4. Disable or restrict the Download functionality if not essential for operations until a vendor patch is available.
5. Conduct a thorough audit of exposed files and systems to identify any unauthorized access or data leakage.
6. Engage with Shenzhen Ruiming Technology for patch timelines and subscribe to vulnerability advisories for updates.
7. Consider deploying endpoint detection and response (EDR) tools to detect lateral movement or exploitation attempts stemming from this vulnerability.
8. Educate security teams about this specific vulnerability to enhance incident detection and response capabilities.
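The log review in step 3 (and the traversal patterns a WAF rule in step 2 would need to catch), carried out as an added example that is not tooling from the advisory or from the vendor: a Python scanner over constructed access-log lines that isolates Download requests on /Service.do, decodes the Path argument repeatedly, and flags traversal sequences. Common Log Format is an assumption; the Crocus log layout is not described on the page.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Constructed access-log lines in Common Log Format (an assumption; the real
# Crocus log format is not documented in the advisory).
SAMPLE_LOG = """\
10.0.0.5 - - [17/Oct/2025:20:16:51 +0000] "GET /Service.do?Action=Download&Path=reports/daily.csv HTTP/1.1" 200 4120
10.0.0.9 - - [17/Oct/2025:20:17:02 +0000] "GET /Service.do?Action=Download&Path=../../conf/app.properties HTTP/1.1" 200 870
10.0.0.9 - - [17/Oct/2025:20:17:05 +0000] "GET /Service.do?Action=Download&Path=..%2F..%2Fconf%2Fapp.properties HTTP/1.1" 200 870
10.0.0.9 - - [17/Oct/2025:20:17:09 +0000] "GET /Service.do?Action=Download&Path=%252e%252e%252fWEB-INF%252fweb.xml HTTP/1.1" 404 312
10.0.0.7 - - [17/Oct/2025:20:18:00 +0000] "GET /Service.do?Action=Status HTTP/1.1" 200 55
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')

def fully_decode(value, max_rounds=3):
    # Undo repeated percent-encoding so %252e%252e -> %2e%2e -> '..' is caught.
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_traversal(path_param):
    # Flags a '..' segment (forward or back slashes), a rooted path, or a drive letter.
    decoded = fully_decode(path_param).replace("\\", "/")
    return (".." in decoded.split("/") or decoded.startswith("/")
            or re.match(r"^[A-Za-z]:", decoded) is not None)

def scan_log(text):
    # One record per Download request whose Path argument looks like traversal;
    # an HTTP 200 on such a request suggests the server actually served the file.
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue
        url = urlsplit(m.group("target"))
        params = parse_qs(url.query, keep_blank_values=True)
        if url.path != "/Service.do" or params.get("Action") != ["Download"]:
            continue
        for value in params.get("Path", []):
            if is_traversal(value):
                hits.append({"ip": m.group("ip"), "time": m.group("ts"),
                             "status": int(m.group("status")), "path": fully_decode(value)})
    return hits
```

Feeding real logs through scan_log and grouping hits by source IP and status gives the audit trail step 5 asks for: a 200 on a flagged request is a likely disclosure, a 404 is an attempt worth correlating with the same client's other activity.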
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium, Sweden, Austria
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-10-17T13:02:02.420Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68f2a4339c34d0947f40c74a
Added to database: 10/17/2025, 8:16:51 PM
Last enriched: 10/17/2025, 8:31:43 PM
Last updated: 10/19/2025, 6:45:29 PM