CVE-2025-13435: Path Traversal in Dreampie Resty

Severity: Medium
Published: Thu Nov 20 2025 (11/20/2025, 01:32:04 UTC)
Source: CVE Database V5
Vendor/Project: Dreampie
Product: Resty

Description

A security vulnerability has been detected in Dreampie Resty up to 1.3.1.SNAPSHOT. This affects the function Request of the file /resty-httpclient/src/main/java/cn/dreampie/client/HttpClient.java of the component HttpClient Module. Such manipulation of the argument filename leads to path traversal. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is reported as difficult. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AI-Powered Analysis

Last updated: 11/27/2025, 04:52:59 UTC

Technical Analysis

CVE-2025-13435 identifies a path traversal vulnerability in the Dreampie Resty HTTP client, specifically in the Request function within the HttpClient.java file of the HttpClient module. The vulnerability arises from improper sanitization of the filename argument, allowing an attacker to manipulate the file path and access files outside the intended directory structure. This can lead to unauthorized disclosure of sensitive files on the server hosting the vulnerable component. The vulnerability affects Dreampie Resty versions up to 1.3.1.SNAPSHOT. The attack vector is remote network access without requiring authentication or user interaction, but the attack complexity is high, indicating that exploitation requires detailed knowledge of the target environment and careful crafting of requests. The CVSS 4.0 base score is 6.3, reflecting medium severity with network attack vector, high attack complexity, no privileges or user interaction required, and low impact on confidentiality, integrity, and availability. The vendor has not responded to early notifications, and no official patches or mitigations have been published. Although no known exploits are currently observed in the wild, the public disclosure increases the risk of exploitation attempts. The vulnerability primarily threatens confidentiality by enabling unauthorized file access, potentially exposing sensitive configuration files, credentials, or other critical data. The lack of vendor response and patch availability heightens the urgency for organizations to implement compensating controls.

Potential Impact

For European organizations, the primary impact of CVE-2025-13435 is the potential unauthorized disclosure of sensitive information stored on servers running vulnerable versions of Dreampie Resty. This can lead to data breaches, intellectual property theft, and exposure of credentials or internal configuration files, which may facilitate further attacks. Organizations relying on Dreampie Resty for web services, API clients, or internal tooling are at risk. The medium severity score reflects moderate risk, but the absence of patches and vendor support increases exposure. Regulatory frameworks such as GDPR impose strict data protection requirements, so data leaks resulting from exploitation could lead to significant legal and financial consequences. The complexity of exploitation reduces the likelihood of widespread automated attacks but does not eliminate targeted attacks against high-value entities. Additionally, the vulnerability could be leveraged as a foothold for lateral movement or privilege escalation if sensitive files contain credentials or secrets. Overall, the threat poses a tangible risk to confidentiality and operational security in affected environments.

Mitigation Recommendations

Given the lack of official patches, European organizations should implement immediate compensating controls. First, enforce strict input validation and sanitization on all filename or path parameters used by Dreampie Resty to prevent path traversal sequences such as '../'. Implement allowlisting of acceptable file paths and deny any input that attempts to navigate outside designated directories. Employ runtime application self-protection (RASP) or web application firewalls (WAFs) configured to detect and block path traversal patterns in HTTP requests. Restrict file system permissions for the application to the minimum necessary, ensuring it cannot access sensitive directories or files even if path traversal is attempted. Conduct thorough code reviews and consider upgrading or replacing Dreampie Resty with alternative HTTP clients that do not exhibit this vulnerability. Monitor logs for anomalous access patterns or errors indicative of exploitation attempts. Finally, maintain an incident response plan to quickly address any detected exploitation and notify relevant data protection authorities if sensitive data exposure occurs.
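One way to apply the allowlisting and containment checks recommended above, as an added illustration that is not Dreampie Resty's own code: a hypothetical SafeFilename helper that a caller would place in front of any filename handed to the HttpClient. The base directory, the allowlist pattern and the sample inputs are assumptions.

```java
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;

// Hypothetical guard for a user-supplied filename; added illustration, not Resty code.
public final class SafeFilename {
    // Assumed base directory the application is permitted to touch.
    private static final Path BASE_DIR =
            Paths.get("/var/app/files").toAbsolutePath().normalize();
    // Allowlist: bare name, no separators, one of a few extensions. Tighten per app.
    private static final Pattern ALLOWED =
            Pattern.compile("[A-Za-z0-9_-]{1,64}\\.(txt|json|csv)");

    // Returns the path inside BASE_DIR, or throws if the input could escape it.
    public static Path resolve(String userFilename) {
        if (userFilename == null || userFilename.isEmpty()) {
            throw new IllegalArgumentException("filename missing");
        }
        // Decode once so %2e%2e%2f ("../") cannot bypass the checks below.
        // Decoding also maps '+' to a space, which the allowlist then rejects.
        String decoded = URLDecoder.decode(userFilename, StandardCharsets.UTF_8);
        if (decoded.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("NUL byte in filename");
        }
        // Allowlist first: this alone rules out '/', '\' and "..".
        if (!ALLOWED.matcher(decoded).matches()) {
            throw new IllegalArgumentException("not in allowlist: " + decoded);
        }
        // Defence in depth: canonicalise and confirm containment anyway.
        Path resolved = BASE_DIR.resolve(decoded).normalize();
        if (!resolved.startsWith(BASE_DIR)) {
            throw new IllegalArgumentException("escapes base directory: " + resolved);
        }
        return resolved;
    }

    public static void main(String[] args) {
        // Constructed samples: one legitimate name and three traversal attempts.
        for (String s : new String[] {"report.json", "../../config/secrets.txt",
                                      "..%2F..%2Fconfig%2Fsecrets.txt", "sub/notes.txt"}) {
            try {
                System.out.println("accept " + s + " -> " + resolve(s));
            } catch (IllegalArgumentException e) {
                System.out.println("reject " + s + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

Only the first sample is accepted; the other three are rejected by the allowlist before the containment check is even reached, which is the intended layering.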

Technical Details

Data Version: 5.2
Assigner Short Name: VulDB
Date Reserved: 2025-11-19T16:59:38.996Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 691e73fd1af65083e67a847f

Added to database: 11/20/2025, 1:50:53 AM

Last enriched: 11/27/2025, 4:52:59 AM

Last updated: 1/7/2026, 10:25:49 AM