CVE-2025-6774 is a path traversal vulnerability identified in the gooaclok819 sublinkX software, affecting all versions up to 1.8. The vulnerability resides specifically in the AddTemp function within the api/template.go source file. The flaw arises from improper validation or sanitization of the filename argument, which allows an attacker to manipulate the input to traverse directories outside the intended file path. This can enable unauthorized access to arbitrary files on the server hosting sublinkX. The vulnerability can be exploited remotely without requiring user interaction or authentication, increasing its risk profile. Although the CVSS 4.0 base score is 5.3 (medium severity), the vulnerability's ability to expose sensitive files or system data can have significant consequences depending on the deployment context. The vendor has addressed the issue in version 1.9, and a patch identified by commit 778d26aef723daa58df98c8060c43f5bf5d1b10b is available. No known exploits are currently reported in the wild, but public disclosure of the exploit code means attackers could develop weaponized attacks quickly. The vulnerability does not require privileges or user interaction, and the attack vector is network-based, making it accessible to remote adversaries. The impact on confidentiality, integrity, and availability is low to moderate, as the attacker can read arbitrary files but cannot directly modify or delete files or execute code through this flaw alone.

For European organizations, this vulnerability poses a risk primarily to confidentiality, as attackers could access sensitive configuration files, credentials, or other protected data stored on servers running vulnerable versions of sublinkX. This could lead to further compromise if sensitive information such as database credentials or private keys is exposed. The integrity and availability impacts are limited since the vulnerability does not allow direct modification or deletion of files or remote code execution. However, the exposure of sensitive data could facilitate subsequent attacks, including privilege escalation or lateral movement within networks. Organizations in sectors with strict data protection regulations, such as finance, healthcare, and government, could face compliance and reputational risks if data is leaked. The remote and unauthenticated nature of the exploit increases the urgency of patching, especially for externally facing systems. Since no known exploits are currently active in the wild, organizations have a window to remediate before widespread attacks occur.

1. Immediate upgrade to sublinkX version 1.9 or later, which contains the official patch addressing the path traversal vulnerability. 2. If immediate upgrade is not feasible, implement input validation and sanitization on the filename parameter at the application or web server level to block directory traversal characters such as '../'. 3. Employ web application firewalls (WAFs) with custom rules to detect and block path traversal attack patterns targeting the AddTemp function or related API endpoints. 4. Restrict file system permissions for the sublinkX application user to the minimum necessary, preventing access to sensitive directories and files outside the application scope. 5. Monitor logs for suspicious requests containing directory traversal sequences or unusual file access patterns. 6. Conduct a thorough audit of exposed files and credentials on affected systems to identify any potential data leakage. 7. Educate development and operations teams about secure coding practices to prevent similar vulnerabilities in future releases.