CVE-2025-60217: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in ypromo PT Luxa Addons
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ypromo PT Luxa Addons (pt-luxa-addons) allows Path Traversal. This issue affects PT Luxa Addons: from n/a through <= 1.2.2.
AI Analysis
Technical Summary
CVE-2025-60217 is a path traversal vulnerability identified in the PT Luxa Addons developed by ypromo, affecting versions up to and including 1.2.2. The vulnerability arises from improper limitation of pathname inputs, allowing an attacker to traverse directories beyond the intended restricted directory. This flaw enables an attacker with network access and low privileges (PR:L) to craft malicious requests that manipulate file paths, thereby modifying files outside the designated directory scope. The vulnerability does not require any user interaction (UI:N) and can be exploited remotely (AV:N). The scope is changed (S:C), indicating that the vulnerability affects resources beyond the initially vulnerable component. The CVSS 3.1 base score is 7.7 (high), reflecting the ease of exploitation combined with the potential impact on integrity (I:H) but no direct impact on confidentiality (C:N) or availability (A:N). While no known exploits are currently reported in the wild, the vulnerability's characteristics suggest it could be leveraged to alter critical files, potentially leading to privilege escalation or further compromise. The lack of available patches at the time of publication increases the urgency for mitigation. The vulnerability is particularly concerning for environments where PT Luxa Addons is integrated into web-facing or network-accessible systems, as the network attack vector and low complexity make exploitation feasible by attackers with limited access.
Potential Impact
For European organizations, this vulnerability poses a significant risk to the integrity of systems using PT Luxa Addons. Successful exploitation could allow attackers to modify critical files, potentially leading to unauthorized code execution, configuration changes, or the introduction of backdoors. This could disrupt business operations, compromise data integrity, and facilitate further attacks such as privilege escalation or lateral movement within networks. Since the vulnerability does not affect confidentiality or availability directly, data breaches or denial of service are less likely immediate outcomes; however, the integrity impact alone can have severe operational and reputational consequences. Organizations in sectors with high regulatory scrutiny, such as finance, healthcare, and critical infrastructure, may face compliance risks if this vulnerability is exploited. The absence of known exploits in the wild provides a window for proactive defense, but the high severity score and ease of exploitation necessitate urgent attention.
Mitigation Recommendations
European organizations should immediately inventory their use of PT Luxa Addons and identify affected versions (<=1.2.2). In the absence of official patches, implement strict input validation and sanitization on all pathname parameters to prevent directory traversal sequences (e.g., '..', '%2e%2e'). Employ web application firewalls (WAFs) with custom rules to detect and block path traversal attempts targeting PT Luxa Addons endpoints. Restrict network access to the affected components by implementing network segmentation and limiting exposure to trusted IP ranges. Monitor logs for suspicious file access patterns or unauthorized modifications indicative of exploitation attempts. Engage with the vendor or community for updates or patches and apply them promptly once available. Additionally, conduct regular integrity checks on critical files and maintain robust backup and recovery procedures to mitigate potential damage from unauthorized modifications. Educate developers and administrators on secure coding practices related to file path handling to prevent similar vulnerabilities in the future.
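The following is an added example, not code from PT Luxa Addons or from ypromo. It shows one way to implement the pathname validation the recommendation above describes: a user-supplied relative path is URL-decoded (so '%2e%2e' is seen as '..'), rejected if it is absolute or contains a '..' segment, and then resolved with realpath() and checked to still lie under a fixed base directory before any read or write. The slug pt-luxa-addons is a WordPress plugin slug, so the example is PHP; the function name pt_luxa_safe_path() and the sample base directory are hypothetical and the test fixture is constructed in a temporary directory.

```php
<?php
// Added example (not part of PT Luxa Addons): confine a caller-supplied
// relative path to $base_dir. Returns the resolved absolute path, or null
// if the input must be rejected. Name and behaviour are assumptions.
function pt_luxa_safe_path(string $base_dir, string $user_path): ?string
{
    $base = realpath($base_dir);
    if ($base === false) {
        return null; // base directory must exist
    }

    // Decode twice so '%2e%2e' and double-encoded '%252e%252e' both surface as '..'.
    $decoded = rawurldecode(rawurldecode($user_path));

    // NUL bytes truncate paths in C-level file APIs; never pass them on.
    if (strpos($decoded, "\0") !== false) {
        return null;
    }

    // Normalise separators, then reject absolute paths and any '..' segment.
    $normalized = str_replace('\\', '/', $decoded);
    if ($normalized === '' || $normalized[0] === '/' || preg_match('#^[A-Za-z]:#', $normalized)) {
        return null;
    }
    foreach (explode('/', $normalized) as $segment) {
        if ($segment === '..') {
            return null;
        }
    }

    // Resolve the parent directory (it must exist) so symlinks are canonicalised,
    // then append the final component; this also works for files not yet created.
    $candidate = $base . '/' . $normalized;
    $dir = realpath(dirname($candidate));
    if ($dir === false) {
        return null;
    }
    $full = $dir . DIRECTORY_SEPARATOR . basename($candidate);

    // A symlink as the final component could point outside the base: refuse it.
    if (is_link($full)) {
        return null;
    }

    // Final containment check: $full must be $base itself or live beneath it.
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    if ($full !== $base && strncmp($full, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $full;
}

// Constructed fixture: a throwaway base directory with one file inside it.
$fixture = sys_get_temp_dir() . '/pt_luxa_example_' . getmypid();
mkdir($fixture . '/uploads/img', 0700, true);
file_put_contents($fixture . '/uploads/img/ok.txt', "sample\n");
$base_dir = $fixture . '/uploads';

$cases = [
    'img/ok.txt'               => true,  // plain relative path: accepted
    'img/new.txt'              => true,  // not yet existing, parent exists: accepted
    '../../etc/passwd'         => false, // literal traversal: rejected
    '%2e%2e/%2e%2e/etc/passwd' => false, // URL-encoded traversal: rejected
    '/etc/passwd'              => false, // absolute path: rejected
    "img/ok.txt\0.jpg"         => false, // NUL-byte truncation: rejected
];
foreach ($cases as $input => $expect_ok) {
    $result = pt_luxa_safe_path($base_dir, $input);
    $ok = ($result !== null) === $expect_ok;
    printf("%-28s %s\n", json_encode($input), $ok ? 'PASS' : 'FAIL');
}

// Clean up the constructed fixture.
unlink($fixture . '/uploads/img/ok.txt');
rmdir($fixture . '/uploads/img');
rmdir($fixture . '/uploads');
rmdir($fixture);
```

Inside a WordPress plugin the same containment logic belongs wherever a request parameter is turned into a filesystem path; WordPress core's validate_file() performs the '..' and drive-letter checks (a non-zero return means reject), but it does not resolve symlinks or confirm the final path stays under the intended directory, which is why the realpath()-based prefix check is still needed.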
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland
Technical Details
- Data Version: 5.1
- Assigner Short Name: Patchstack
- Date Reserved: 2025-09-25T15:34:23.206Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 68f8eff704677bbd79439ab5
Added to database: 10/22/2025, 2:53:43 PM
Last enriched: 11/13/2025, 11:59:50 AM
Last updated: 12/13/2025, 2:40:29 AM
Views: 60
Related Threats
- CVE-2025-67721: CWE-201: Insertion of Sensitive Information Into Sent Data in airlift aircompressor (Medium)
- CVE-2025-14066 (Unknown)
- CVE-2025-14585: SQL Injection in itsourcecode COVID Tracking System (Medium)
- CVE-2025-14584: SQL Injection in itsourcecode COVID Tracking System (Medium)
- CVE-2025-14583: Unrestricted Upload in campcodes Online Student Enrollment System (Medium)