Skip to main content

CVE-2025-34045: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Shenzhen Yuanmengyun Technology Co., Ltd. WeiPHP

High
VulnerabilityCVE-2025-34045cvecve-2025-34045cwe-22cwe-200cwe-20
Published: Thu Jun 26 2025 (06/26/2025, 15:51:37 UTC)
Source: CVE Database V5
Vendor/Project: Shenzhen Yuanmengyun Technology Co., Ltd.
Product: WeiPHP

Description

A path traversal vulnerability exists in WeiPHP 5.0, an open source WeChat public account platform development framework by Shenzhen Yuanmengyun Technology Co., Ltd. The flaw occurs in the picUrl parameter of the /public/index.php/material/Material/_download_imgage endpoint, where insufficient input validation allows unauthenticated remote attackers to perform directory traversal via crafted POST requests. This enables arbitrary file read on the server, potentially exposing sensitive information such as configuration files and source code.

AI-Powered Analysis

AILast updated: 06/26/2025, 16:20:40 UTC

Technical Analysis

CVE-2025-34045 is a high-severity path traversal vulnerability identified in WeiPHP version 5.0, an open-source development framework for WeChat public account platforms created by Shenzhen Yuanmengyun Technology Co., Ltd. The vulnerability resides in the picUrl parameter of the /public/index.php/material/Material/_download_imgage endpoint. Due to insufficient input validation, unauthenticated remote attackers can craft POST requests that manipulate the picUrl parameter to perform directory traversal attacks. This allows attackers to read arbitrary files on the server, bypassing intended access restrictions. The potential impact includes exposure of sensitive files such as configuration files, source code, and other critical data stored on the server. The vulnerability is classified under CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), CWE-200 (Information Exposure), and CWE-20 (Improper Input Validation). The CVSS v4.0 base score is 8.7, reflecting a high severity with network attack vector, no required privileges or user interaction, and high impact on confidentiality. No known exploits are currently reported in the wild, and no official patches have been released yet. The flaw's exploitation could facilitate further attacks such as credential theft, system compromise, or lateral movement within affected environments.

Potential Impact

For European organizations using WeiPHP 5.0 to manage WeChat public accounts or related services, this vulnerability poses a significant risk. Successful exploitation can lead to unauthorized disclosure of sensitive internal files, including configuration details and source code, which may contain credentials, API keys, or business logic. This exposure can facilitate subsequent attacks such as privilege escalation, data breaches, or service disruption. Given the nature of WeiPHP as a platform for public-facing WeChat accounts, compromised servers could also lead to reputational damage and loss of customer trust. Additionally, organizations in sectors with strict data protection regulations like GDPR could face compliance violations and associated penalties if sensitive personal data is exposed. The unauthenticated and remote exploitation vector increases the threat level, as attackers do not require prior access or user interaction, making it easier to target vulnerable systems at scale.

Mitigation Recommendations

Organizations should immediately audit their use of WeiPHP 5.0 and restrict access to the vulnerable endpoint where possible. Network-level controls such as web application firewalls (WAFs) should be configured to detect and block suspicious path traversal patterns in POST requests targeting the picUrl parameter. Input validation should be enforced by implementing strict whitelisting of allowed file paths and sanitizing user-supplied input to prevent directory traversal sequences (e.g., ../). Until an official patch is released, consider deploying virtual patching via WAF rules or disabling the affected functionality if feasible. Regularly monitor logs for anomalous access attempts to the /public/index.php/material/Material/_download_imgage endpoint. Additionally, conduct thorough security reviews of all publicly accessible endpoints and ensure that sensitive files are not stored in web-accessible directories. Organizations should also prepare incident response plans to quickly address any potential exploitation and consider isolating WeiPHP instances from critical internal networks.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
VulnCheck
Date Reserved
2025-04-15T19:15:22.547Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 685d6fabca1063fb8742bc04

Added to database: 6/26/2025, 4:04:59 PM

Last enriched: 6/26/2025, 4:20:40 PM

Last updated: 8/18/2025, 4:18:39 AM

Views: 37

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats