CVE-2025-13879 is a directory traversal vulnerability classified under CWE-22, found in SOLIDserver IPAM version 8.2.3. The vulnerability exists in the handling of the 'directory' parameter within the '/mod/ajax.php?action=sections/list/list' endpoint. An authenticated user with administrator privileges can exploit this flaw by supplying a crafted 'directory' parameter value, such as '/', to bypass the intended directory restrictions and list files outside the 'LOCAL:///' folder. This improper limitation of pathname allows traversal to arbitrary directories on the server, potentially exposing sensitive files or configuration data that should remain inaccessible. The vulnerability does not require user interaction and can be exploited remotely over the network (AV:N), with low attack complexity (AC:L). However, it requires high privileges (PR:H) and does not impact confidentiality, integrity, or availability beyond limited information disclosure (VC:L). No known exploits have been reported in the wild as of the publication date. The vulnerability highlights insufficient input validation and access control checks in the IPAM's directory listing functionality, which could be leveraged for reconnaissance or further attacks if combined with other vulnerabilities.

For European organizations, this vulnerability poses a risk primarily to confidentiality due to unauthorized directory listing capabilities. Attackers with administrator access could gain insights into the server's file structure, potentially revealing sensitive configuration files, credentials, or other critical data. While the vulnerability does not directly allow code execution or system compromise, the information disclosed could facilitate lateral movement or privilege escalation in a targeted attack. Organizations relying on SOLIDserver IPAM for IP address management and network configuration could face operational risks if sensitive network data is exposed. Given the requirement for administrator privileges, the threat is mitigated by strong internal access controls; however, insider threats or compromised administrator accounts could exploit this vulnerability. The lack of known exploits reduces immediate risk but does not eliminate the potential for future attacks. The vulnerability may also affect compliance with data protection regulations if sensitive information is exposed.

To mitigate CVE-2025-13879, organizations should first verify if they are running SOLIDserver IPAM version 8.2.3 and plan to upgrade to a patched version once available. In the absence of an official patch, restrict administrator access to trusted personnel and enforce strong authentication mechanisms, including multi-factor authentication, to reduce the risk of credential compromise. Implement network segmentation and firewall rules to limit access to the IPAM management interface from untrusted networks. Conduct regular audits of administrator activities and monitor logs for unusual directory access patterns. Additionally, consider deploying web application firewalls (WAFs) with custom rules to detect and block directory traversal attempts targeting the vulnerable endpoint. Review and harden input validation routines if custom integrations or scripts interact with the IPAM API. Finally, maintain an incident response plan to quickly address any suspicious activity related to this vulnerability.