CVE-2025-58438: CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in jjjake internetarchive
internetarchive is a Python and Command-Line Interface to Archive.org. In versions 5.5.0 and below, there is a directory traversal (path traversal) vulnerability in the File.download() method of the internetarchive library. The File.download() method does not properly sanitize user-supplied filenames or validate the final download path. A maliciously crafted filename could contain path traversal sequences (e.g., ../../../../windows/system32/file.txt) or illegal characters that, when processed, would cause the file to be written outside of the intended target directory. An attacker could potentially overwrite critical system files or application configuration files, leading to a denial of service, privilege escalation, or remote code execution, depending on the context in which the library is used. The vulnerability is particularly critical for users on Windows systems, but all operating systems are affected. This issue is fixed in version 5.5.1.
AI Analysis
Technical Summary
CVE-2025-58438 is a critical path traversal vulnerability (CWE-22) affecting the 'internetarchive' Python library and CLI tool developed by jjjake, specifically in versions 5.5.0 and below. The vulnerability resides in the File.download() method, which fails to properly sanitize user-supplied filenames and validate the final download path. This improper limitation allows an attacker to craft malicious filenames containing path traversal sequences (e.g., '../../../../windows/system32/file.txt') or illegal characters that cause files to be written outside the intended target directory. Such unauthorized file writes can lead to overwriting critical system or application files. The consequences of exploitation vary depending on the environment and context in which the library is used, potentially resulting in denial of service (by corrupting essential files), privilege escalation (by overwriting configuration or executable files), or remote code execution (if malicious payloads are placed in executable paths). Although the vulnerability is particularly critical on Windows systems due to the nature of system file paths and permissions, all operating systems using the affected versions are vulnerable. The issue was addressed and fixed in version 5.5.1 of the internetarchive library. The CVSS v4.0 base score is 9.4, reflecting the vulnerability's critical severity, with an attack vector of network, no required privileges or authentication, low attack complexity, and requiring user interaction. The impact on confidentiality, integrity, and availability is high, and the scope is changed, indicating that exploitation can affect components beyond the vulnerable library itself.
Potential Impact
For European organizations, the impact of this vulnerability can be significant, especially for those relying on the internetarchive Python library or CLI tool for automation, archival, or data retrieval tasks from Archive.org. Exploitation could lead to unauthorized file overwrites, potentially disrupting critical business applications or system operations. This could cause service outages (denial of service), compromise system integrity, or enable attackers to escalate privileges or execute arbitrary code remotely. Organizations using Windows systems are at heightened risk due to the vulnerability's ability to target sensitive system files. Additionally, the compromise of configuration files could lead to persistent backdoors or further lateral movement within enterprise networks. Given the library's open-source nature and usage in various projects, indirect dependencies may also be affected, increasing the attack surface. The lack of known exploits in the wild currently reduces immediate risk, but the critical severity and ease of exploitation warrant urgent attention.
Mitigation Recommendations
European organizations should immediately upgrade the internetarchive library to version 5.5.1 or later, where the vulnerability is patched. For environments where immediate upgrade is not feasible, implement strict input validation and sanitization on any user-supplied filenames before passing them to the File.download() method. Employ application-level controls to restrict file write operations to designated directories using secure coding practices such as canonicalization and path normalization. Use operating system-level access controls to limit the permissions of processes running the internetarchive tool, preventing unauthorized file modifications outside intended directories. Monitor file system activity for unusual write operations, especially those targeting critical system or configuration files. Incorporate runtime application self-protection (RASP) or endpoint detection and response (EDR) solutions to detect and block suspicious behaviors related to path traversal exploitation. Finally, conduct thorough dependency audits to identify indirect usage of the vulnerable library and ensure all instances are updated or mitigated accordingly.
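The containment check recommended above, as an added example that is not code from the internetarchive project: it canonicalizes a user-supplied filename, rejects traversal components, absolute paths and Windows-illegal characters, and confirms the resolved path stays inside the intended download directory. The names `safe_download_path`, `is_safe_filename` and `UnsafeFilename` are hypothetical, and the sample filenames in the `__main__` block are constructed.

```python
"""Added example (not the internetarchive project's code): validate a filename
before it is passed to File.download(), so the final write path cannot leave
the intended target directory on either Windows or POSIX hosts."""
import re
from pathlib import Path, PureWindowsPath

# Characters Windows refuses in filenames plus control bytes; rejecting them on
# every platform keeps behaviour identical wherever the tool runs.
_ILLEGAL_CHARS = re.compile(r'[<>:"|?*\x00-\x1f]')
_RESERVED = {"CON", "PRN", "AUX", "NUL"} | {f"COM{i}" for i in range(1, 10)} \
    | {f"LPT{i}" for i in range(1, 10)}


class UnsafeFilename(ValueError):
    """Raised when a filename would escape the download directory."""


def safe_download_path(target_dir: str, filename: str) -> Path:
    """Return the canonical path target_dir/filename or raise UnsafeFilename.

    The filename may contain subdirectories (archive items keep their
    directory layout), so every component is checked, not just the basename.
    """
    # Split on both separators so "..\\..\\x" is not treated as one opaque name.
    parts = [p for p in re.split(r"[\\/]+", filename) if p not in ("", ".")]
    if not parts or filename.startswith(("/", "\\")) or PureWindowsPath(filename).drive:
        raise UnsafeFilename(f"absolute or empty path rejected: {filename!r}")
    for part in parts:
        if part == "..":
            raise UnsafeFilename(f"traversal component in {filename!r}")
        if _ILLEGAL_CHARS.search(part) or part.split(".")[0].upper() in _RESERVED:
            raise UnsafeFilename(f"illegal filename component {part!r}")
    root = Path(target_dir).resolve()
    candidate = root.joinpath(*parts).resolve()
    # Defence in depth: after the component checks, confirm containment of the
    # canonical path (catches a symlinked subdirectory pointing outside root).
    if root not in candidate.parents:
        raise UnsafeFilename(f"{candidate} escapes {root}")
    return candidate


def is_safe_filename(target_dir: str, filename: str) -> bool:
    """Boolean wrapper for callers that filter rather than catch exceptions."""
    try:
        safe_download_path(target_dir, filename)
        return True
    except UnsafeFilename:
        return False


if __name__ == "__main__":
    # Constructed sample filenames, including the advisory's traversal string.
    for name in ("item/file.txt", "../../../../windows/system32/file.txt",
                 "..\\..\\boot.ini", "C:\\Windows\\x", "logs/CON.txt"):
        print(f"{name!r:45} -> {'accepted' if is_safe_filename('downloads', name) else 'rejected'}")
```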
Affected Countries
Germany, France, United Kingdom, Netherlands, Sweden, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-09-01T20:03:06.532Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68bc81f54a2de11313a12439
Added to database: 9/6/2025, 6:48:21 PM
Last enriched: 9/15/2025, 12:43:29 AM
Last updated: 10/23/2025, 5:56:06 PM