CVE-2025-65952 is a path traversal vulnerability classified under CWE-22 that affects the iiDk-the-actual Console software used to control Gorilla Tag mods and network users. The vulnerability exists in versions prior to 2.8.0 and allows an attacker to bypass directory restrictions by crafting input containing complex combinations of backslashes and periods. This input manipulation enables the attacker to escape the intended Gorilla Tag directory and write files to arbitrary locations on the underlying file system. The vulnerability does not require authentication, user interaction, or privileges, and can be exploited remotely over the network. The impact primarily affects data integrity, as unauthorized files can be created or existing files overwritten, potentially leading to further compromise or persistence mechanisms. The vulnerability has been assigned a CVSS 4.0 score of 8.7, reflecting its high severity due to ease of exploitation and significant impact. The vendor has addressed this issue in version 2.8.0 by implementing proper pathname restrictions and input validation to prevent directory traversal. No known exploits have been reported in the wild as of the publication date, but the potential for exploitation remains significant given the nature of the flaw and the lack of required authentication.

For European organizations, this vulnerability poses a significant risk especially for those involved in gaming, mod development, or using the iiDk-the-actual Console for network management. Successful exploitation could allow attackers to write malicious files, potentially leading to system compromise, data integrity loss, or further lateral movement within networks. This could disrupt operations, damage reputations, and cause data breaches. Given the Console’s role in controlling mod users, attackers might also manipulate game environments or user data, impacting user trust and service availability. The lack of authentication and user interaction requirements increases the likelihood of exploitation. Organizations that have not updated to version 2.8.0 remain vulnerable. The impact is heightened in environments where the Console runs with elevated privileges or on critical infrastructure supporting gaming communities or related services.

1. Immediate upgrade to iiDk-the-actual Console version 2.8.0 or later, where the vulnerability is patched. 2. Implement strict input validation and sanitization on all pathname inputs to prevent traversal sequences, even beyond the vendor patch. 3. Employ file system permissions to restrict the Console’s write access strictly to necessary directories, minimizing potential damage from exploitation. 4. Monitor file system changes and logs for unusual write operations outside expected directories. 5. Use network segmentation to isolate the Console server from critical infrastructure and limit exposure. 6. Conduct regular vulnerability scans and penetration tests focusing on path traversal and input validation weaknesses. 7. Educate administrators and developers about secure coding practices related to file path handling. 8. Maintain an incident response plan to quickly address any exploitation attempts.