CVE-2025-13879 is a directory traversal vulnerability classified under CWE-22 affecting SOLIDserver IPAM version 8.2.3. The vulnerability arises due to improper validation and limitation of the 'directory' parameter in the '/mod/ajax.php?action=sections/list/list' endpoint. An authenticated user with administrator privileges can exploit this flaw by setting the 'directory' parameter to arbitrary paths such as '/', thereby bypassing intended access restrictions and listing files and directories outside the designated 'LOCAL:///' folder. This improper limitation allows unauthorized access to filesystem information that should be restricted, potentially exposing sensitive configuration files or other data. The vulnerability does not require user interaction and can be exploited remotely over the network (AV:N), with low attack complexity (AC:L) and no need for additional privileges beyond administrator access (PR:H). The impact is primarily on confidentiality (VC:L) with no direct integrity or availability impact. No patches or known exploits are currently documented, but the vulnerability is publicly disclosed and assigned a CVSS 4.0 score of 5.1, indicating a medium severity level. The flaw highlights the importance of robust input validation and access control in web application parameters, especially in IP Address Management (IPAM) solutions that manage critical network infrastructure data.

For European organizations, the impact of this vulnerability centers on unauthorized disclosure of sensitive filesystem information within SOLIDserver IPAM deployments. IPAM solutions often contain critical network topology, IP address allocations, and infrastructure configuration data. Exposure of such information could aid attackers in reconnaissance, facilitating further targeted attacks or lateral movement within networks. Although exploitation requires administrator credentials, insider threats or compromised admin accounts could leverage this vulnerability to escalate information disclosure. The medium severity rating reflects moderate risk, but the potential for sensitive data leakage could have compliance implications under GDPR if personal or sensitive data is exposed. Additionally, organizations relying heavily on SOLIDserver IPAM for network management may face operational risks if attackers use disclosed information to disrupt or manipulate network configurations indirectly. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as the vulnerability is publicly known.

European organizations should implement the following specific mitigations: 1) Immediately verify if SOLIDserver IPAM version 8.2.3 is in use and restrict administrator access to trusted personnel only. 2) Monitor and audit administrator actions and access logs for unusual directory listing requests or attempts to manipulate the 'directory' parameter. 3) Employ network segmentation and access controls to limit exposure of the IPAM management interface to internal trusted networks only. 4) Contact the vendor for patches or updates addressing this vulnerability; if unavailable, consider temporary compensating controls such as web application firewalls (WAF) with rules blocking suspicious 'directory' parameter values. 5) Enforce strong authentication and credential management policies to reduce risk of compromised admin accounts. 6) Conduct regular vulnerability assessments and penetration tests focusing on IPAM solutions to detect similar issues proactively. 7) Educate administrators about the risks of parameter manipulation and the importance of secure configuration management.