
CVE-2025-4545: Path Traversal in CTCMS Content Management System

Severity: Medium
Published: Sun May 11 2025 (05/11/2025, 19:31:04 UTC)
Source: CVE
Vendor/Project: CTCMS
Product: Content Management System

Description

A vulnerability was found in CTCMS Content Management System 2.1.2. It has been classified as critical. Affected is the function del of the file ctcms\apps\controllers\admin\Tpl.php of the component File Handler. The manipulation of the argument File leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

AI-Powered Analysis

Last updated: 07/12/2025, 03:01:10 UTC

Technical Analysis

CVE-2025-4545 is a path traversal vulnerability identified in version 2.1.2 of the CTCMS Content Management System, specifically within the 'del' function of the File Handler component located in ctcms\apps\controllers\admin\Tpl.php. The vulnerability arises from improper validation or sanitization of the 'File' argument, which allows an attacker to manipulate the file path and traverse directories outside the intended scope. This can enable unauthorized access to arbitrary files on the server. The vulnerability is remotely exploitable without requiring user interaction or authentication, increasing its risk profile. The CVSS 4.0 base score is 5.3, indicating a medium severity level, with network attack vector, low attack complexity, no privileges required, and no user interaction needed. The impact on confidentiality and integrity is limited but present, as unauthorized file access could expose sensitive data or allow modification of files. The availability impact is low. Although no known exploits are currently reported in the wild, the exploit code has been publicly disclosed, increasing the likelihood of exploitation. The vulnerability affects only version 2.1.2 of CTCMS, a content management system, which may be used by organizations to manage web content and files.

Potential Impact

For European organizations using CTCMS 2.1.2, this vulnerability poses a risk of unauthorized file access, potentially exposing sensitive configuration files, user data, or intellectual property. Attackers could leverage this to gather information for further attacks or disrupt operations by deleting or altering critical files. Given the remote exploitability without authentication, attackers can target vulnerable systems over the internet, increasing exposure. The impact is particularly relevant for organizations hosting sensitive or regulated data, such as those in finance, healthcare, or government sectors. However, the medium severity and limited scope of impact suggest that while serious, this vulnerability is less likely to cause widespread disruption or complete system compromise on its own. Still, it could serve as a foothold for more advanced attacks if combined with other vulnerabilities or misconfigurations.

Mitigation Recommendations

Organizations should immediately identify any deployments of CTCMS version 2.1.2 and prioritize upgrading to a patched version once available. In the absence of an official patch, temporary mitigations include implementing strict input validation and sanitization on the 'File' parameter to prevent directory traversal sequences (e.g., '..\' or '../'). Web application firewalls (WAFs) can be configured to detect and block suspicious path traversal patterns targeting the vulnerable endpoint. Access controls should be reviewed to restrict file system permissions, ensuring the web server process has minimal rights to sensitive directories and files. Additionally, monitoring and logging access to file management functions can help detect exploitation attempts early. Network segmentation and limiting exposure of the CMS administration interface to trusted networks or VPNs can reduce the attack surface. Regular security assessments and penetration testing focused on file handling components are recommended to identify similar issues proactively.
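As an added mitigation example (not CTCMS code; the template directory layout and the function names are assumptions), the following PHP helper confines a user-supplied template name to the template directory before unlinking it, rejecting the '../' and '..\' sequences mentioned above as well as absolute paths, NUL bytes and symlink escapes:

```php
<?php
// Added example, not from CTCMS: confine a user-supplied template name to a
// fixed template directory before deleting it. Paths and names are hypothetical.
declare(strict_types=1);

/**
 * Return the absolute path of $file inside $baseDir, or null when the request
 * would escape the directory ("../", "..\", absolute paths, NUL bytes, symlinks).
 */
function resolveTemplatePath(string $baseDir, string $file): ?string
{
    // NUL bytes and empty names are never valid template names.
    if ($file === '' || strpos($file, "\0") !== false) {
        return null;
    }
    // Allow-list a single file name: no '/' or '\' separators, no '..' at all.
    if (!preg_match('/\A[A-Za-z0-9_.-]+\z/', $file) || str_contains($file, '..')) {
        return null;
    }
    $base = realpath($baseDir);
    if ($base === false) {
        return null;
    }
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $file);
    // realpath() follows symlinks, so the resolved path must still sit under $base.
    if ($candidate === false
        || strncmp($candidate, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;
    }
    return $candidate;
}

/** Delete a template only when its name resolves inside the template directory. */
function deleteTemplate(string $baseDir, string $file): bool
{
    $path = resolveTemplatePath($baseDir, $file);
    if ($path === null || !is_file($path)) {
        // Log rejected requests: repeated rejections are a useful detection signal.
        error_log('rejected template delete request: ' . json_encode($file));
        return false;
    }
    return unlink($path);
}

// Self-check against a constructed temporary directory, not a real install.
$tmp = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'tpl_' . bin2hex(random_bytes(4));
mkdir($tmp);
file_put_contents($tmp . '/home.html', '<h1>demo</h1>');
var_dump(resolveTemplatePath($tmp, 'home.html') !== null);
var_dump(resolveTemplatePath($tmp, '../../etc/passwd'));
var_dump(resolveTemplatePath($tmp, '..\\..\\config.php'));
var_dump(deleteTemplate($tmp, 'home.html'));
rmdir($tmp);
```

Requires PHP 8 for str_contains(); on older releases substitute strpos($file, '..') !== false.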


Technical Details

Data Version: 5.1
Assigner Short Name: VulDB
Date Reserved: 2025-05-10T15:25:21.459Z
CISA Enriched: true
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 682d9816c4522896dcbd692e

Added to database: 5/21/2025, 9:08:38 AM

Last enriched: 7/12/2025, 3:01:10 AM

Last updated: 8/14/2025, 8:03:26 PM
