CVE-2025-65879: n/a
Warehouse Management System 1.2 contains an authenticated arbitrary file deletion vulnerability. The /goods/deleteGoods endpoint accepts a user-controlled goodsimg parameter, which is directly concatenated with the server's UPLOAD_PATH and passed to File.delete() without validation. A remote authenticated attacker can delete arbitrary files on the server by supplying directory traversal payloads.
AI Analysis
Technical Summary
CVE-2025-65879 is an authenticated arbitrary file deletion flaw in Warehouse Management System version 1.2. The /goods/deleteGoods endpoint takes a goodsimg parameter that is meant to name the goods image to remove. The server concatenates that value onto its configured UPLOAD_PATH and hands the result to File.delete() (java.io.File) with no validation, so a value containing traversal sequences such as ../ resolves to a path outside the upload directory. An authenticated attacker can therefore delete any file that the account running the WMS process is allowed to delete: application files, configuration, logs or data, and operating-system files if the service runs with elevated privileges. File.delete() removes one file (or one empty directory) per call, but the request can simply be repeated for each target. The practical consequences are denial of service (removing files the application needs to start or serve requests), data loss, and tampering with audit trails; deletion alone is not a route to code execution, though removing a security control could ease a follow-on attack. Exploitation needs valid credentials but no further user interaction. The advisory does not say whether an ordinary user or only an administrator can reach the endpoint, so assume any authenticated account can. No CVSS score has been assigned, and no public exploit or vendor patch is referenced at the time of publication, so severity has to be judged from impact and exploitability. The root cause is a textbook path traversal: a user-supplied path component is used without canonicalization or an allow-list. Given the role a WMS plays in inventory and order flow, a successful attack could interrupt warehouse operations that depend on it.
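As an added example (not code from Warehouse Management System 1.2, whose controller is not reproduced on this page), the deletion pattern the summary describes is shown beside a hardened version of the kind the mitigation advice calls for. UPLOAD_PATH, the class and method names, and the image-name pattern are assumptions for the example.

```java
// Added example, not code from Warehouse Management System 1.2: the deletion
// pattern the advisory describes, beside a hardened version. UPLOAD_PATH,
// the method names and the file-name pattern are assumptions; the real
// controller in WMS 1.2 is not shown on the page.
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;

public class GoodsImageDeletion {

    // Assumed upload directory; a real deployment reads this from config.
    static final String UPLOAD_PATH = "/var/wms/upload/";

    // Only bare image file names are legitimate here: no separators, no "..".
    static final Pattern IMAGE_NAME = Pattern.compile("[A-Za-z0-9_-]{1,64}\\.(?:png|jpe?g|gif)");

    // Vulnerable pattern as described: the web framework has already
    // percent-decoded goodsimg, so "../../../etc/cron.d/nightly" is appended
    // to UPLOAD_PATH verbatim and File.delete() removes whatever it points at.
    static boolean deleteGoodsVulnerable(String goodsimg) {
        return new File(UPLOAD_PATH + goodsimg).delete();
    }

    // Hardened resolution. Returns the path to delete, or null when the input
    // must be rejected. The allow-list alone stops traversal; the
    // normalize/startsWith check is defence in depth in case the allow-list
    // is later relaxed, and the symlink check stops a planted link inside the
    // upload directory from redirecting the delete elsewhere.
    static Path resolveSafe(String goodsimg) {
        if (goodsimg == null || !IMAGE_NAME.matcher(goodsimg).matches()) {
            return null;
        }
        Path base = Paths.get(UPLOAD_PATH).toAbsolutePath().normalize();
        Path target = base.resolve(goodsimg).normalize();
        // Path.startsWith compares whole components, so /var/wms/upload-old
        // does not count as being inside /var/wms/upload.
        if (!target.startsWith(base) || target.equals(base)) {
            return null;
        }
        if (Files.isSymbolicLink(target)) {
            return null;
        }
        return target;
    }

    static boolean deleteGoodsSafe(String goodsimg) throws IOException {
        Path target = resolveSafe(goodsimg);
        if (target == null) {
            return false;
        }
        return Files.deleteIfExists(target);
    }

    // Shows what each input resolves to under the vulnerable concatenation
    // and whether the hardened check accepts it; nothing is deleted here.
    public static void main(String[] args) {
        String[] inputs = {
            "goods-17.png",                  // legitimate
            "../../../etc/cron.d/nightly",   // classic traversal
            "..\\..\\wms.log",               // backslash variant (matters on Windows hosts)
            "sub/goods-17.png",              // separator inside a name
        };
        for (String in : inputs) {
            Path naive = Paths.get(UPLOAD_PATH + in).normalize();  // what the vulnerable code deletes
            System.out.printf("%-30s vulnerable target=%-40s hardened=%s%n",
                    in, naive, resolveSafe(in) == null ? "REJECT" : "accept");
        }
    }
}
```

The allow-list is the real control; the containment check only matters if someone later widens the pattern (to allow subdirectories, say), and the symlink check closes the one way a correctly named file inside the upload directory can still point the delete somewhere else.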
Potential Impact
For European organizations, the risk is to the integrity and availability of a system that sits in the middle of supply-chain operations. Deleting the files a WMS depends on can halt inventory tracking, order fulfillment and shipping until they are restored, with the corresponding operational and financial cost; manufacturing, retail and logistics operators that run this software are the most exposed. Beyond outright disruption, an authenticated attacker could delete logs to cover tracks or remove security configuration to ease a follow-on attack. Loss of availability or integrity of any personal data the system holds can also raise GDPR obligations. With no patch or public exploit referenced, organizations should assess their own exposure and apply compensating controls rather than wait. The risk is amplified wherever WMS credentials are shared between staff or weakly protected, since a valid login is all the attack needs. Disruption at large distribution centers or in critical-infrastructure logistics would have effects well beyond the affected company.
Mitigation Recommendations
Until a vendor fix is available, treat CVE-2025-65879 as both a path traversal bug and a credential problem. On the access side, audit who can log in to the Warehouse Management System, remove shared and dormant accounts, and enforce multi-factor authentication, because a valid session is the only precondition for the attack. On the application side, validate goodsimg before it reaches the filesystem: accept only a bare file name matching an allow-list pattern (no path separators, no '..'), resolve it against the upload directory, canonicalize the result and confirm it still lies inside that directory, and refuse symbolic links. Rejecting the literal substring '../' is not enough on its own: the value may arrive percent-encoded, double-encoded or with backslashes, and the web framework decodes it before the application sees it. Run the WMS under a dedicated service account whose write permission is limited to the upload directory, and keep that directory free of anything but uploaded images, so that even a bypass can only delete images. Log every deleteGoods request with the raw parameter value and alert on traversal sequences, absolute paths or bursts of deletions from one account; a WAF rule for traversal patterns on this endpoint is a useful second layer but should not be the only one. Keep tested backups of configuration, application files and data so that deleted files can be restored quickly. Ask the vendor or maintainers for a fixed release and track its availability. Finally, reinforce phishing and credential-hygiene awareness for users, since credential theft is the most likely route to the authentication the attack requires.
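The monitoring advice above, as an added example that is not part of the advisory: a scan of access-log lines for /goods/deleteGoods requests whose goodsimg value decodes to a traversal payload. The log lines are constructed for this example; only the endpoint and parameter names come from the advisory.

```java
// Added example, not from the WMS project: scan web-server access logs for
// /goods/deleteGoods requests whose goodsimg parameter carries a traversal
// payload. The log lines are constructed for this example; the endpoint and
// parameter names come from the advisory.
import java.net.URLDecoder;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

public class DeleteGoodsTraversalScan {

    // Constructed sample lines in combined-log format (not real WMS logs).
    static final String[] SAMPLE_LOG = {
        "10.0.0.5 - alice [05/Dec/2025:16:31:02 +0000] \"GET /goods/deleteGoods?id=17&goodsimg=goods-17.png HTTP/1.1\" 200 54",
        "10.0.0.9 - bob [05/Dec/2025:16:31:40 +0000] \"GET /goods/deleteGoods?id=18&goodsimg=../../../etc/cron.d/nightly HTTP/1.1\" 200 54",
        "10.0.0.9 - bob [05/Dec/2025:16:32:01 +0000] \"GET /goods/deleteGoods?id=18&goodsimg=%2e%2e%2f%2e%2e%2fwms.log HTTP/1.1\" 200 54",
        "10.0.0.9 - bob [05/Dec/2025:16:32:15 +0000] \"GET /goods/deleteGoods?id=18&goodsimg=%252e%252e%252fconfig.yml HTTP/1.1\" 200 54",
        "10.0.0.9 - bob [05/Dec/2025:16:32:30 +0000] \"GET /goods/deleteGoods?id=18&goodsimg=..\\..\\wms.db HTTP/1.1\" 200 54",
        "10.0.0.9 - bob [05/Dec/2025:16:32:45 +0000] \"GET /goods/deleteGoods?id=18&goodsimg=/etc/hosts HTTP/1.1\" 200 54",
        "10.0.0.5 - alice [05/Dec/2025:16:33:00 +0000] \"GET /goods/list HTTP/1.1\" 200 2310",
    };

    // Client address, user and the query string of a deleteGoods request.
    static final Pattern DELETE_REQ = Pattern.compile(
        "^(\\S+) \\S+ (\\S+) \\[[^\\]]+\\] \"(?:GET|POST) /goods/deleteGoods\\?([^ \"]*)");

    // Decode repeatedly so double encoding (%252e -> %2e -> .) is unwrapped;
    // cap the rounds so a pathological input cannot loop.
    static String decodeFully(String s) {
        String cur = s;
        for (int i = 0; i < 5; i++) {
            String next;
            try {
                next = URLDecoder.decode(cur, StandardCharsets.UTF_8);
            } catch (IllegalArgumentException malformed) {
                break;  // leave a broken % sequence as-is; it is still checked below
            }
            if (next.equals(cur)) break;
            cur = next;
        }
        return cur;
    }

    static String goodsimgParam(String query) {
        for (String kv : query.split("&")) {
            if (kv.startsWith("goodsimg=")) return kv.substring("goodsimg=".length());
        }
        return null;
    }

    // A decoded value is suspicious if, after treating backslashes as
    // separators, it contains a ".." segment or is an absolute path.
    static boolean isTraversal(String decoded) {
        String norm = decoded.replace('\\', '/');
        if (norm.startsWith("/") || norm.matches("^[A-Za-z]:/.*")) return true;
        for (String seg : norm.split("/")) {
            if (seg.equals("..")) return true;
        }
        return false;
    }

    // Returns one "client user decodedValue" summary per suspicious request.
    static List<String> scan(String[] lines) {
        List<String> hits = new ArrayList<>();
        for (String line : lines) {
            Matcher m = DELETE_REQ.matcher(line);
            if (!m.find()) continue;
            String raw = goodsimgParam(m.group(3));
            if (raw == null) continue;
            String decoded = decodeFully(raw);
            if (isTraversal(decoded)) {
                hits.add(m.group(1) + " " + m.group(2) + " " + decoded);
            }
        }
        return hits;
    }

    public static void main(String[] args) {
        for (String hit : scan(SAMPLE_LOG)) {
            System.out.println("traversal in deleteGoods: " + hit);
        }
    }
}
```

Decoding before matching is the point: a rule that greps the raw line for "../" misses the percent-encoded and double-encoded forms and the backslash variant, which is why a WAF signature on the literal string is only a partial control. The same decoded value is what should be written to the application's own audit log when the request is rejected.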
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Belgium
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-11-18T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 693308e8f88dbe026cf79163
Added to database: 12/5/2025, 4:31:36 PM
Last enriched: 12/5/2025, 4:45:58 PM
Last updated: 12/6/2025, 4:28:52 AM
Related Threats
- CVE-2025-12510: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in trustindex Widgets for Google Reviews (High)
- CVE-2025-11263: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in linkwhspr Link Whisper Free (Medium)
- CVE-2025-65955 (Unknown)
- CVE-2025-14116: Server-Side Request Forgery in xerrors Yuxi-Know (Medium)
- CVE-2025-14111: Path Traversal in Rarlab RAR App (Low)