
CVE-2025-45317: n/a

Severity: Medium
Type: Vulnerability
Published: Wed Aug 13 2025 (08/13/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

A zip slip vulnerability in the /modules/ImportModule.php component of hortusfox-web v4.4 allows attackers to execute arbitrary code via a crafted archive.

AI-Powered Analysis

AI analysis last updated: 08/13/2025, 18:04:40 UTC

Technical Analysis

CVE-2025-45317 is a Zip Slip vulnerability in the hortusfox-web application, located in the /modules/ImportModule.php component. Zip Slip is a path-traversal (CWE-22) variant that arises when an application extracts an archive and writes each entry to a path built from the entry name without checking that the result stays inside the intended extraction directory. An attacker crafts an archive whose entry names contain traversal sequences such as ../ (or absolute paths), so that when ImportModule.php processes it, files are written to arbitrary locations on the server filesystem, overwriting existing files or creating new ones. In a PHP application this typically translates directly into code execution: a .php file dropped under the web root runs on the next request for it, and overwriting application or configuration files offers further routes to compromise.

The CVE entry names hortusfox-web v4.4 as affected; it does not state whether earlier versions are also affected, whether the import endpoint requires authentication, or which archive-handling code path is at fault. No CVSS score has been assigned and no public exploit is known at the time of writing. The CVE was reserved in April 2025 and published in August 2025, so it is a recent discovery. The entry carries no patch links, which suggests a fix may not yet be publicly available and increases the urgency of interim mitigations.
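As an added illustration (not code from hortusfox-web or from this page; the actual ImportModule.php logic is not shown here), the following PHP places the extraction pattern that produces Zip Slip next to a hardened version that validates each entry name and re-checks the resolved parent directory before writing. It assumes PHP 8 with the standard ext/zip extension (ZipArchive); the function names, the temporary working directory and the two-entry test archive are constructed for the example.

```php
<?php
// Added example, not hortusfox-web code. Requires PHP 8.0+ with ext/zip.
declare(strict_types=1);

// Vulnerable pattern: the entry name from the archive is joined to $dest
// without validation, so "../../escaped.php" lands outside $dest. Do not use.
function extractUnsafe(string $zipPath, string $dest): void
{
    $zip = new ZipArchive();
    $zip->open($zipPath);
    for ($i = 0; $i < $zip->numFiles; $i++) {
        $name = $zip->getNameIndex($i);
        if (str_ends_with($name, '/')) { continue; }
        $target = $dest . '/' . $name;          // attacker-controlled path
        @mkdir(dirname($target), 0755, true);
        file_put_contents($target, $zip->getFromIndex($i));
    }
    $zip->close();
}

// Returns the entry name if it is a plain relative path, or null if it could leave
// the extraction directory: NUL, backslash, absolute POSIX/Windows path, ".." segment.
function safeEntryName(string $name): ?string
{
    if ($name === '' || str_contains($name, "\0") || str_contains($name, '\\')) {
        return null;
    }
    if ($name[0] === '/' || preg_match('/^[A-Za-z]:/', $name) === 1) {
        return null;
    }
    return in_array('..', explode('/', $name), true) ? null : $name;
}

// Deepest existing ancestor of $path, resolved with realpath(), so a symlink
// already planted under the destination is caught before anything is created.
function existingAncestor(string $path): string|false
{
    while (!is_dir($path)) {
        $path = dirname($path);                 // ends at "/" or "." at the latest
    }
    return realpath($path);
}

// Hardened extraction: validates each entry name, checks that the resolved parent
// stays inside $dest, never overwrites. Returns the entry names that were refused.
function extractSafe(string $zipPath, string $dest): array
{
    $base = realpath($dest);
    $zip  = new ZipArchive();
    if ($base === false || !is_dir($base) || $zip->open($zipPath) !== true) {
        throw new RuntimeException("cannot open $zipPath into $dest");
    }
    $rejected = [];
    for ($i = 0; $i < $zip->numFiles; $i++) {
        $name = $zip->getNameIndex($i);
        $rel  = safeEntryName($name);
        if ($rel === null) {
            $rejected[] = $name;
            continue;
        }
        if (str_ends_with($rel, '/')) {
            continue;                           // directories are created with their files
        }
        $target = $base . '/' . $rel;
        $parent = dirname($target);
        $anchor = existingAncestor($parent);
        if ($anchor === false || ($anchor !== $base && !str_starts_with($anchor, $base . '/'))) {
            $rejected[] = $name;                // an ancestor resolves outside $base
            continue;
        }
        if (file_exists($target) || is_link($target)) {
            $rejected[] = $name;                // never clobber what is already there
            continue;
        }
        if (!is_dir($parent) && !mkdir($parent, 0755, true)) {
            throw new RuntimeException("cannot create $parent");
        }
        $data = $zip->getFromIndex($i);
        if ($data === false || file_put_contents($target, $data, LOCK_EX) === false) {
            throw new RuntimeException("cannot write $target");
        }
    }
    $zip->close();
    return $rejected;
}

// Constructed fixture: one benign entry and one traversal entry.
function demo(): array
{
    $work = sys_get_temp_dir() . '/zipslip-' . bin2hex(random_bytes(4));
    mkdir("$work/out", 0755, true);
    $zip = new ZipArchive();
    $zip->open("$work/import.zip", ZipArchive::CREATE);
    $zip->addFromString('plants/rose.json', '{"name":"rose"}');
    $zip->addFromString('../../escaped.php', '<?php echo "outside"; ?>');
    $zip->close();
    return extractSafe("$work/import.zip", "$work/out");
}
print_r(demo());
```

Running the script writes plants/rose.json under the out/ directory and returns the traversal entry name as the single rejected item; the same archive fed to extractUnsafe would write escaped.php two levels above out/. Two design points matter beyond the obvious ".." check: entries are written with file_put_contents rather than recreated as symlinks, so an archive cannot plant a link for a later entry to follow, and existingAncestor resolves the deepest directory that already exists so a link already present under the destination is detected before mkdir creates anything beneath it. The checks are still subject to a filesystem race between check and write, which is why the extraction directory should itself be writable only by the application user.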

Potential Impact

For European organizations running hortusfox-web v4.4, successful exploitation means arbitrary code execution on the application server and, with it, control of the host: data theft, service disruption, or deployment of ransomware or other malware. Because the application sits on the network, a compromised server is also a foothold for lateral movement to other internal systems. Confidentiality, integrity and availability are all affected, since an attacker who can write arbitrary files can read or alter application data and break the service. Organizations in regulated sectors such as finance, healthcare and government additionally face compliance and legal exposure if a breach results. No exploitation in the wild is known, which leaves a window for proactive defence, but archives that exercise a Zip Slip flaw are trivial to craft, so the vulnerability could be weaponized quickly once details circulate.

Mitigation Recommendations

Until a fixed release is available, treat the import feature as untrusted input handling. Restrict it to trusted, authenticated administrators, or disable it outright if it is not needed. If the deployment is under your control, the root-cause fix belongs in the extraction code: reject any archive entry whose name is absolute, contains a .. segment or a backslash, and confirm after path resolution that the target still lies inside the extraction directory. A WAF can limit who reaches the import endpoint and block obviously malformed uploads, but it cannot reliably inspect entry names inside a compressed archive, so do not rely on it as the primary control.

Run the web server process as a low-privilege user with write access only to the directories the application genuinely needs, such as its upload and cache directories, so that a traversal outside the extraction directory fails on permissions instead of dropping a file into the web root. Monitor for new or modified .php files under the web root and for unexpected writes outside the upload directory, and review audit logs for unusual import activity. Isolate the application with containerization or sandboxing to limit the blast radius of a compromise, keep tested backups and an incident response plan ready for an exploitation scenario, and track the hortusfox-web vendor for a patched release, applying it promptly once available.


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-04-22T00:00:00.000Z
CVSS Version: null
State: PUBLISHED

Threat ID: 689ccfdaad5a09ad004fb507

Added to database: 8/13/2025, 5:48:10 PM

Last enriched: 8/13/2025, 6:04:40 PM

Last updated: 8/14/2025, 6:03:57 AM

