CVE-2025-4530: Path Traversal in feng_ha_ha ssm-erp
A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm 1.0. It has been declared as problematic. Affected by this vulnerability is the function handleFileDownload of the file FileController.java of the component File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product is distributed under two entirely different names.
AI Analysis
Technical Summary
CVE-2025-4530 is a path traversal vulnerability in the ssm-erp software distributed under the names feng_ha_ha/megagao ssm-erp and production_ssm, version 1.0. The flaw lies in the handleFileDownload function of FileController.java, part of the File Handler component. Path traversal lets an attacker manipulate a file path input so that the application reads files outside the intended directory, exposing system files or application data. The CVSS 4.0 vector (AV:N/AC:L/AT:N/UI:N/PR:L) indicates that the attack is performed over the network, has low complexity, needs no user interaction, and requires low privileges: an attacker needs an account on the ERP application, but no elevated role. The CVSS 4.0 base score of 5.3 rates it medium severity. The impact is limited to confidentiality (VC:L); integrity and availability are not affected. No exploitation in the wild has been reported, but the exploit details have been published, which raises the likelihood of attempts. Because the product is distributed under two different names, asset inventories and patch tracking may miss one of them. No patch or fix has been linked at the time of writing, so affected deployments should be assumed vulnerable. An ERP system is a high-value target for file disclosure because it typically holds business-critical and personal data and is central to daily operations.
Potential Impact
For European organizations running the affected 1.0 versions, the vulnerability risks unauthorized read access to files on the ERP server. An attacker who exploits it could retrieve configuration files, stored credentials, or proprietary business data, which can lead directly to a data breach or serve as a stepping stone to further attacks. The flaw does not affect integrity or availability, but a confidentiality breach can carry regulatory consequences under GDPR if personal data is exposed. Because the attack is remote and requires only a low-privileged account, anyone holding ordinary ERP credentials, including a phished or otherwise compromised employee account, can attempt it without access to the server itself. ERP systems are usually integrated with many business processes, so a compromise can disrupt workflows and erode trust in the platform. With no patch available, organizations must rely on mitigations to reduce exposure until the vendor releases a fix.
Mitigation Recommendations
European organizations should first inventory their deployments, searching for both product names, feng_ha_ha/megagao ssm-erp and production_ssm, since a search for one name will miss the other. Until a patch is available, the download handler should be hardened at the source: resolve the user-supplied file name against a fixed download directory, normalize the result, and refuse to serve the file unless the canonical path (with symbolic links resolved) still lies under that directory. Stripping '../' substrings is not sufficient on its own, because backslashes on Windows hosts, absolute paths, and nested sequences such as '....//' survive a simple filter. A web application firewall in front of the ERP should be configured to block requests to the download endpoint that carry traversal sequences in raw or URL-encoded form (for example '../', '..\', '%2e%2e%2f', '%2e%2e/', '..%5c'). Access to the ERP server should be limited by network segmentation and IP allow-listing to trusted sources. Logging of file download requests should record the requested file name and the authenticated user, and alerts should fire on traversal patterns, on requests for files outside the expected document set, and on repeated download failures from a single account. Organizations should follow the vendor or project repository for a fix and apply it promptly once released, and a targeted penetration test of the download endpoint can confirm that the mitigations hold.
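As an added example, not code from ssm-erp or production_ssm (the handleFileDownload source is not reproduced in this advisory), the following Java class shows the check a patched download handler should perform: the requested file name is resolved against a fixed download directory, normalized, and accepted only if both the lexical path and the symlink-resolved path stay under that directory. The class name, the temporary download directory, the sample file names and the probe inputs are assumptions constructed for the demonstration; the real controller's parameter names are not known from this page. The stripDotDotOnce method is a generic illustration of the weak "remove ../" fix and is not taken from the project.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.NoSuchFileException;
import java.nio.file.Path;

/**
 * Added example (not code from ssm-erp/production_ssm): canonicalizing a user-supplied
 * file name under a fixed download directory and rejecting anything that resolves outside it.
 */
public final class SafeDownloadPath {
    private final Path baseDir;

    public SafeDownloadPath(Path baseDir) throws IOException {
        // Canonical base path (symlinks resolved) so the containment checks below compare like with like.
        this.baseDir = baseDir.toRealPath();
    }

    /**
     * Generic illustration of the weak fix: stripping "../" once.
     * "....//" survives as "../" after one pass, and absolute paths and backslashes are untouched.
     */
    public static String stripDotDotOnce(String fileName) {
        return fileName.replace("../", "");
    }

    /** Returns the canonical path of fileName inside baseDir, or throws if it would escape. */
    public Path resolve(String fileName) throws IOException {
        if (fileName == null || fileName.isEmpty()) {
            throw new IllegalArgumentException("empty file name");
        }
        // The servlet container has already URL-decoded the parameter, so %2e%2e%2f arrives here as "../".
        // Downloads in this example are single names directly in baseDir; reject separators and NUL outright.
        // If legitimate files live in subdirectories, drop this check: the two containment checks below still hold.
        if (fileName.indexOf('/') >= 0 || fileName.indexOf('\\') >= 0 || fileName.indexOf('\0') >= 0) {
            throw new IllegalArgumentException("file name must not contain path separators");
        }
        // Lexical check: collapse "." and ".." and require the result to stay under baseDir.
        // An absolute fileName makes resolve() return it unchanged, so it fails startsWith() as well.
        Path candidate = baseDir.resolve(fileName).normalize();
        if (!candidate.startsWith(baseDir)) {
            throw new IllegalArgumentException("path escapes base directory");
        }
        if (!Files.isRegularFile(candidate)) {
            throw new NoSuchFileException(fileName);
        }
        // Filesystem check: a symlink inside baseDir that points outside passes the lexical test, not this one.
        Path real = candidate.toRealPath();
        if (!real.startsWith(baseDir)) {
            throw new IllegalArgumentException("symlink escapes base directory");
        }
        return real;
    }

    public static void main(String[] args) throws IOException {
        // Constructed fixture: a temporary download directory holding one legitimate file.
        Path base = Files.createTempDirectory("erp-downloads");
        Files.writeString(base.resolve("invoice.pdf"), "constructed sample content");
        SafeDownloadPath guard = new SafeDownloadPath(base);

        // Shows why a single "../" strip is not a fix: the nested form collapses back into "../".
        System.out.println("stripDotDotOnce(\"....//etc/passwd\") = " + stripDotDotOnce("....//etc/passwd"));

        String[] probes = {
            "invoice.pdf",                // legitimate request
            "../../../etc/passwd",        // classic traversal
            "....//....//etc/passwd",     // survives a single "../" strip
            "..\\..\\Windows\\win.ini",   // backslash form, relevant on Windows hosts
            "/etc/passwd",                // absolute path
            "invoice.pdf\0.png"           // NUL byte
        };
        for (String p : probes) {
            String shown = p.replace("\0", "\\0");
            try {
                System.out.println("ALLOW " + shown + " -> " + guard.resolve(p));
            } catch (IllegalArgumentException | IOException e) {
                System.out.println("DENY  " + shown + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

In a patched controller the handler would pass the request's file name to guard.resolve() and stream only the returned path; every rejected probe above should produce an error response without touching the filesystem. The lexical normalize/startsWith check and the toRealPath check are both needed: the first stops "../" and absolute paths, the second stops a symlink planted inside the download directory from pointing at a file outside it.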
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: VulDB
- Date Reserved: 2025-05-10T05:38:11.170Z
- Cisa Enriched: true
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 682d9817c4522896dcbd70db
Added to database: 5/21/2025, 9:08:39 AM
Last enriched: 7/12/2025, 4:48:25 AM
Last updated: 7/28/2025, 9:01:12 PM
Related Threats
- CVE-2025-7973: CWE-268: Privilege Chaining in Rockwell Automation FactoryTalk® ViewPoint (High)
- CVE-2025-7773: CWE-863: Incorrect Authorization in Rockwell Automation 5032-CFGB16M12P5DR (High)
- CVE-2025-43984: n/a (Critical)
- CVE-2025-36581: CWE-788: Access of Memory Location After End of Buffer in Dell PowerEdge (Low)
- CVE-2025-9036: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in Rockwell Automation FactoryTalk® Action Manager (High)