CVE-2025-5385: Path Traversal in JeeWMS
A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplateController.do?doAdd. The manipulation leads to path traversal. The attack can be initiated remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
AI Analysis
Technical Summary
CVE-2025-5385 is a path traversal vulnerability identified in JeeWMS, a web-based workflow management system. The vulnerability exists in the doAdd function of the /cgformTemplateController.do?doAdd endpoint. Path traversal vulnerabilities allow an attacker to manipulate file paths to access files and directories outside the intended scope, potentially exposing sensitive information or enabling further system compromise. This vulnerability can be exploited remotely without user interaction or authentication, increasing its risk profile. The vulnerability affects JeeWMS versions up to 20250504, but due to the product's continuous delivery and rolling release model, precise affected versions and patches are not clearly delineated. The CVSS 4.0 base score is 5.3 (medium severity), reflecting network attack vector, low attack complexity, no privileges or user interaction required, and limited impact on confidentiality, integrity, and availability. The vulnerability's exploitation could lead to unauthorized file access or modification, which may be leveraged for further attacks such as information disclosure or privilege escalation. No known exploits are currently reported in the wild, but the critical nature of path traversal vulnerabilities warrants proactive mitigation.
Potential Impact
For European organizations using JeeWMS, this vulnerability poses a risk of unauthorized access to sensitive files on the server hosting the application. This could lead to exposure of confidential business data, intellectual property, or personal data protected under GDPR, resulting in regulatory penalties and reputational damage. The ability to exploit this remotely without authentication increases the threat surface, especially for organizations with publicly accessible JeeWMS instances. The impact on integrity and availability is limited but not negligible, as attackers might modify files or disrupt service by accessing critical system files. Given the medium CVSS score, the threat is moderate but should not be underestimated, particularly for sectors handling sensitive workflows such as finance, healthcare, or government services within Europe.
Mitigation Recommendations
European organizations should immediately audit their JeeWMS deployments to identify affected versions. Given the continuous delivery model, organizations must establish a robust update and patch management process to ensure timely application of security fixes once available. In the interim, implement strict input validation and sanitization on the doAdd endpoint to prevent malicious path traversal payloads. Employ web application firewalls (WAFs) with custom rules to detect and block path traversal attempts targeting /cgformTemplateController.do. Restrict file system permissions for the application to the minimum necessary, preventing unauthorized file access even if traversal is attempted. Monitor logs for suspicious access patterns and conduct regular security assessments of JeeWMS instances. Additionally, network segmentation and limiting public exposure of JeeWMS can reduce attack surface.
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
CVE-2025-5385: Path Traversal in JeeWMS
Description
A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This vulnerability affects the function doAdd of the file /cgformTemplateController.do?doAdd. The manipulation leads to path traversal. The attack can be initiated remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available.
AI-Powered Analysis
Technical Analysis
CVE-2025-5385 is a path traversal vulnerability identified in JeeWMS, a web-based workflow management system. The vulnerability exists in the doAdd function of the /cgformTemplateController.do?doAdd endpoint. Path traversal vulnerabilities allow an attacker to manipulate file paths to access files and directories outside the intended scope, potentially exposing sensitive information or enabling further system compromise. This vulnerability can be exploited remotely without user interaction or authentication, increasing its risk profile. The vulnerability affects JeeWMS versions up to 20250504, but due to the product's continuous delivery and rolling release model, precise affected versions and patches are not clearly delineated. The CVSS 4.0 base score is 5.3 (medium severity), reflecting network attack vector, low attack complexity, no privileges or user interaction required, and limited impact on confidentiality, integrity, and availability. The vulnerability's exploitation could lead to unauthorized file access or modification, which may be leveraged for further attacks such as information disclosure or privilege escalation. No known exploits are currently reported in the wild, but the critical nature of path traversal vulnerabilities warrants proactive mitigation.
Potential Impact
For European organizations using JeeWMS, this vulnerability poses a risk of unauthorized access to sensitive files on the server hosting the application. This could lead to exposure of confidential business data, intellectual property, or personal data protected under GDPR, resulting in regulatory penalties and reputational damage. The ability to exploit this remotely without authentication increases the threat surface, especially for organizations with publicly accessible JeeWMS instances. The impact on integrity and availability is limited but not negligible, as attackers might modify files or disrupt service by accessing critical system files. Given the medium CVSS score, the threat is moderate but should not be underestimated, particularly for sectors handling sensitive workflows such as finance, healthcare, or government services within Europe.
Mitigation Recommendations
European organizations should immediately audit their JeeWMS deployments to identify affected versions. Given the continuous delivery model, organizations must establish a robust update and patch management process to ensure timely application of security fixes once available. In the interim, implement strict input validation and sanitization on the doAdd endpoint to prevent malicious path traversal payloads. Employ web application firewalls (WAFs) with custom rules to detect and block path traversal attempts targeting /cgformTemplateController.do. Restrict file system permissions for the application to the minimum necessary, preventing unauthorized file access even if traversal is attempted. Monitor logs for suspicious access patterns and conduct regular security assessments of JeeWMS instances. Additionally, network segmentation and limiting public exposure of JeeWMS can reduce attack surface.
Affected Countries
For access to advanced analysis and higher rate limits, contact root@offseq.com
Technical Details
- Data Version
- 5.1
- Assigner Short Name
- VulDB
- Date Reserved
- 2025-05-30T12:46:31.058Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 683b31a0182aa0cae2e9f0d2
Added to database: 5/31/2025, 4:43:12 PM
Last enriched: 7/9/2025, 12:55:14 AM
Last updated: 7/30/2025, 4:11:33 PM
Views: 12
Related Threats
CVE-2025-8938: Backdoor in TOTOLINK N350R
MediumCVE-2025-8937: Command Injection in TOTOLINK N350R
MediumCVE-2025-8936: SQL Injection in 1000 Projects Sales Management System
MediumCVE-2025-5942: CWE-122 Heap-based Buffer Overflow in Netskope Netskope Client
MediumCVE-2025-5941: CWE-125 Out-of-Bounds Read in Netskope Netskope Client
LowActions
Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.
Need enhanced features?
Contact root@offseq.com for Pro access with improved analysis and higher rate limits.