CVE-2025-15432 is a path traversal vulnerability identified in the yeqifu carRental software, specifically within the downloadShowFile function of the /file/downloadShowFile.action endpoint in the FileController component. The vulnerability arises from improper sanitization of the 'path' parameter, which an attacker can manipulate to traverse directories and access files outside the intended directory scope. This flaw does not require authentication, user interaction, or elevated privileges, making it remotely exploitable over the network with low complexity. The vulnerability affects versions up to the commit 3fabb7eae93d209426638863980301d6f99866b3, but due to the product's rolling release model, exact versioning is ambiguous. The exploit has been publicly disclosed, increasing the risk of exploitation, although no active exploitation has been reported yet. The vulnerability impacts confidentiality by potentially exposing sensitive files such as configuration files, credentials, or personal data stored on the server. The vendor has been notified but has not released a patch or response, leaving users exposed. The CVSS 4.0 score of 6.9 reflects a medium severity, driven by network attack vector, no required privileges or user interaction, and limited impact confined to confidentiality. The continuous update model of the software complicates patch management and vulnerability tracking. Organizations using yeqifu carRental should assess exposure, implement compensating controls, and monitor for exploitation attempts.

For European organizations, this vulnerability poses a risk of unauthorized disclosure of sensitive information stored on servers running yeqifu carRental software. This could include customer data, internal documents, or configuration files that might facilitate further attacks. The exposure of such data could lead to privacy violations under GDPR, reputational damage, and potential regulatory penalties. The car rental industry is significant in Europe, especially in countries with large tourism sectors such as Spain, Italy, France, and Germany, increasing the likelihood of deployment of such software. Attackers exploiting this vulnerability could gain insights into internal systems, enabling subsequent attacks like privilege escalation or lateral movement. The lack of vendor response and patch availability prolongs the exposure window. Additionally, the rolling release model may cause delays in identifying patched versions, complicating compliance and risk management. Organizations relying on this software for customer-facing services or internal operations should consider the confidentiality impact critical, as data leakage could affect both business continuity and customer trust.

1. Implement strict input validation and sanitization on the 'path' parameter in the downloadShowFile function to prevent directory traversal sequences such as '../'. 2. Employ web application firewalls (WAFs) with custom rules to detect and block path traversal attack patterns targeting the vulnerable endpoint. 3. Restrict access to the /file/downloadShowFile.action endpoint to trusted internal networks or authenticated users where possible, reducing exposure. 4. Conduct thorough code reviews and security testing to identify and remediate similar path traversal issues in other parts of the application. 5. Monitor server logs for unusual file access patterns or attempts to access sensitive files outside the intended directories. 6. Engage with the vendor or community to obtain updates or patches as soon as they become available, and test updates in a controlled environment before deployment. 7. If feasible, isolate the application environment using containerization or network segmentation to limit the impact of potential exploitation. 8. Educate development teams on secure coding practices to prevent injection of unsanitized input in file handling functions. 9. Consider deploying file integrity monitoring solutions to detect unauthorized changes or access to critical files. 10. Prepare incident response plans specific to data leakage scenarios to respond quickly if exploitation is detected.