Skip to main content

CVE-2025-48394: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Eaton G4 PDU

Medium
VulnerabilityCVE-2025-48394cvecve-2025-48394cwe-22
Published: Wed Aug 06 2025 (08/06/2025, 15:25:41 UTC)
Source: CVE Database V5
Vendor/Project: Eaton
Product: G4 PDU

Description

An attacker with authenticated and privileged access could modify the contents of a non-sensitive file by traversing the path in the limited shell of the CLI. This security issue has been fixed in the latest version which is available on the Eaton download center.

AI-Powered Analysis

AILast updated: 08/06/2025, 16:02:46 UTC

Technical Analysis

CVE-2025-48394 is a medium-severity vulnerability classified under CWE-22, which pertains to improper limitation of a pathname to a restricted directory, commonly known as a path traversal vulnerability. This issue affects Eaton's G4 Power Distribution Unit (PDU) product. The vulnerability allows an attacker who already has authenticated and privileged access to the device's command-line interface (CLI) limited shell to traverse directories beyond the intended restricted scope. By exploiting this flaw, the attacker can modify the contents of non-sensitive files outside the designated directory boundaries. Although the files affected are non-sensitive, unauthorized modification can lead to integrity and availability concerns, such as disrupting device operation or configuration. The vulnerability does not require user interaction and has a CVSS v3.1 base score of 4.7, indicating a medium severity level. The attack vector is network-based, with low attack complexity, but requires high privileges, and does not impact confidentiality significantly but affects integrity and availability to a limited extent. Eaton has addressed this vulnerability in the latest firmware version available on their download center, although no direct patch links were provided in the source information. There are no known exploits in the wild at this time. The vulnerability was reserved in May 2025 and published in August 2025, indicating recent discovery and disclosure.

Potential Impact

For European organizations using Eaton G4 PDUs, this vulnerability poses a moderate risk primarily to the integrity and availability of power distribution infrastructure. Since PDUs are critical for managing power supply in data centers, telecommunications, and industrial environments, unauthorized modification of files—even non-sensitive ones—could lead to misconfigurations, service interruptions, or denial of power management functions. This could affect uptime and operational continuity, especially in sectors reliant on high availability such as finance, healthcare, and critical infrastructure. The requirement for authenticated privileged access limits the risk to insiders or attackers who have already compromised credentials, but insider threats or lateral movement within networks could exploit this vulnerability. Given the network attack vector, remote exploitation within the organization's internal network is possible. The impact on confidentiality is minimal, but integrity and availability impacts could disrupt operations and require incident response efforts.

Mitigation Recommendations

European organizations should prioritize updating Eaton G4 PDUs to the latest firmware version that addresses CVE-2025-48394, available from Eaton's official download center. Until patching is completed, organizations should enforce strict access controls to limit privileged CLI access to trusted administrators only, employing multi-factor authentication where possible. Network segmentation should be used to isolate PDUs from general user networks, reducing the risk of lateral movement by attackers. Monitoring and logging of CLI access and file modifications on the PDU should be enabled to detect suspicious activities promptly. Additionally, organizations should review and harden their privileged access management policies and consider implementing anomaly detection for unusual command-line behaviors. Regular audits of PDU configurations and file integrity checks can help identify unauthorized changes early. Finally, organizations should engage with Eaton support for any additional recommended mitigations or updates.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
Eaton
Date Reserved
2025-05-20T04:07:25.100Z
Cvss Version
3.1
State
PUBLISHED

Threat ID: 68937922ad5a09ad00f257af

Added to database: 8/6/2025, 3:47:46 PM

Last enriched: 8/6/2025, 4:02:46 PM

Last updated: 8/18/2025, 1:22:21 AM

Views: 22

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats