CVE-2025-65879: n/a

Severity: High
Published: Fri Dec 05 2025 (12/05/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

Warehouse Management System 1.2 contains an authenticated arbitrary file deletion vulnerability. The /goods/deleteGoods endpoint accepts a user-controlled goodsimg parameter, which is directly concatenated with the server's UPLOAD_PATH and passed to File.delete() without validation. A remote authenticated attacker can delete arbitrary files on the server by supplying directory traversal payloads.

AI-Powered Analysis

Last updated: 12/12/2025, 17:37:15 UTC

Technical Analysis

CVE-2025-65879 is an authenticated arbitrary file deletion vulnerability affecting Warehouse Management System version 1.2. The vulnerability arises from improper input validation in the /goods/deleteGoods API endpoint, which accepts a parameter named goodsimg. This parameter is directly concatenated with the server's UPLOAD_PATH directory path and passed to File.delete() without any sanitization or validation. Because of this, an attacker who holds valid authentication credentials can supply directory traversal sequences (e.g., ../) in the goodsimg parameter to delete files anywhere on the server filesystem where the application process has the permissions needed to remove them. This flaw corresponds to CWE-22 (Improper Limitation of a Pathname to a Restricted Directory). The vulnerability impacts the integrity and availability of the affected system by allowing deletion of critical files, potentially causing denial of service or data loss. The CVSS v3.1 base score is 8.1, reflecting a network attack vector, low attack complexity, required privileges, no user interaction, and high impact on integrity and availability. No patches or known exploits had been reported as of the publication date (December 5, 2025). The authentication requirement limits exposure to attackers who have compromised or otherwise obtained valid credentials, but the risk remains significant because of the damage arbitrary file deletion can cause. The vulnerability is particularly concerning for organizations relying on this Warehouse Management System for supply chain and inventory management, as disruption could halt business operations.

Potential Impact

For European organizations, the impact of CVE-2025-65879 can be substantial, especially for those in logistics, manufacturing, and retail sectors that depend heavily on Warehouse Management Systems for inventory control and supply chain operations. Successful exploitation can lead to deletion of critical application files, configuration files, or data files, resulting in system downtime, loss of data integrity, and disruption of warehouse operations. This could cascade into delayed shipments, inventory inaccuracies, and financial losses. Additionally, deletion of security-related files or logs could hinder incident response efforts. The requirement for authentication reduces the risk from external unauthenticated attackers but increases the threat from insider attackers or compromised credentials. Given the interconnected nature of supply chains in Europe, disruption in one organization can have broader economic impacts. Furthermore, regulatory compliance such as GDPR mandates protection of data integrity and availability, so exploitation could also lead to compliance violations and reputational damage.

Mitigation Recommendations

To mitigate CVE-2025-65879, organizations should implement the following specific measures:

1) Apply strict input validation and sanitization on the goodsimg parameter to disallow directory traversal characters or sequences (e.g., ../).
2) Implement whitelist-based validation to ensure only expected filenames or file identifiers are accepted.
3) Enforce least privilege on the application's file system permissions so that the application process cannot delete files outside of a designated upload directory.
4) Introduce additional access controls to restrict which authenticated users can invoke the /goods/deleteGoods endpoint.
5) Monitor and log file deletion requests and alert on suspicious patterns indicative of directory traversal attempts.
6) Conduct code reviews and penetration testing focused on file handling functions.
7) If possible, isolate the upload directory on a separate filesystem or container to limit blast radius.
8) Develop and deploy patches or updates from the vendor as soon as they become available.
9) Educate users on credential security to reduce the risk of compromised accounts.
10) Implement multi-factor authentication to reduce the risk of unauthorized access.
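The following Java example, added to this analysis and not taken from the vendor's code, contrasts the concatenate-and-delete pattern the description attributes to /goods/deleteGoods with a hardened deletion that applies mitigations 1, 2, 3 and 5 above: an allow-list on the file name, path normalization with a containment check against the upload root, symlink resolution before the delete, and an audit line for every deletion. The upload root, class name and method names are assumptions; the advisory does not give the real UPLOAD_PATH value.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.regex.Pattern;

public class GoodsImageDelete {

    // Assumed upload root; the application's real UPLOAD_PATH is not on the page.
    private static final Path UPLOAD_ROOT =
            Paths.get("/var/wms/uploads").toAbsolutePath().normalize();

    // Mitigation 2: allow-list of what a goods image name may look like.
    // A bare name, safe character set, no leading dot, image extension only.
    private static final Pattern SAFE_NAME =
            Pattern.compile("^[A-Za-z0-9][A-Za-z0-9_-]{0,63}\\.(png|jpg|jpeg|gif)$");

    /**
     * The pattern the advisory describes: the request parameter is appended to
     * UPLOAD_PATH and handed to File.delete() with no validation, so a value
     * containing "../" sequences resolves outside the upload directory.
     * Kept here only as the "before" side of the comparison.
     */
    static boolean deleteVulnerable(String uploadPath, String goodsimg) {
        return new File(uploadPath + goodsimg).delete();
    }

    /**
     * Mitigations 1 and 2: map the untrusted goodsimg value to a path that is
     * lexically guaranteed to sit directly inside UPLOAD_ROOT, or throw.
     * This step touches no files, so it can be unit-tested in isolation.
     */
    static Path validateGoodsImage(String goodsimg) {
        if (goodsimg == null || !SAFE_NAME.matcher(goodsimg).matches()) {
            throw new IllegalArgumentException("goodsimg is not an allowed file name");
        }
        // Defence in depth: re-check containment after normalization rather than
        // relying on the regex alone.
        Path candidate = UPLOAD_ROOT.resolve(goodsimg).normalize();
        if (!candidate.startsWith(UPLOAD_ROOT)) {
            throw new IllegalArgumentException("path escapes upload directory");
        }
        return candidate;
    }

    /**
     * Mitigations 3 and 5: resolve symlinks, confirm the real file is still
     * inside the upload root and is a regular file, log, then delete.
     */
    static boolean deleteHardened(String goodsimg) throws IOException {
        Path candidate = validateGoodsImage(goodsimg);
        Path real = candidate.toRealPath();   // follows symlinks; throws if missing
        if (!real.startsWith(UPLOAD_ROOT.toRealPath()) || !Files.isRegularFile(real)) {
            throw new IllegalArgumentException("resolved path is outside upload directory");
        }
        // Audit line for monitoring; a real deployment would use its logging framework.
        System.out.println("audit: goods image deletion " + real);
        return Files.deleteIfExists(real);
    }

    public static void main(String[] args) {
        // Constructed sample inputs: one legitimate name and several that must be rejected.
        String[] samples = { "item42.png", "../../etc/important.conf", "..", "", "sub/item.png", ".htaccess" };
        for (String s : samples) {
            try {
                System.out.println("accepted: \"" + s + "\" -> " + validateGoodsImage(s));
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: \"" + s + "\" (" + e.getMessage() + ")");
            }
        }
    }
}
```

Running main prints "accepted" only for item42.png; every other sample is rejected by the allow-list before any path is built. The lexical check in validateGoodsImage and the filesystem check in deleteHardened are deliberately separate: the first can run in a unit test with no files present, and the second catches cases the first cannot see, such as a symlink inside the upload directory pointing elsewhere.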


Technical Details

Data Version: 5.2
Assigner Short Name: mitre
Date Reserved: 2025-11-18T00:00:00.000Z
CVSS Version: null
State: PUBLISHED

Threat ID: 693308e8f88dbe026cf79163

Added to database: 12/5/2025, 4:31:36 PM

Last enriched: 12/12/2025, 5:37:15 PM

Last updated: 1/20/2026, 6:24:38 PM
