CVE-2025-7575: Path Traversal in Zavy86 WikiDocs
A vulnerability has been found in Zavy86 WikiDocs up to 1.0.77 and classified as critical. Affected by this vulnerability is the function image_drop_upload_ajax/image_delete_ajax of the file submit.php. The manipulation leads to path traversal. The attack can be launched remotely. Upgrading to version 1.0.78 is able to address this issue. The identifier of the patch is 98ea9ee4a2052c4327f89d2f7688cc1b5749450d. It is recommended to upgrade the affected component.
AI Analysis
Technical Summary
CVE-2025-7575 is a path traversal vulnerability in Zavy86 WikiDocs affecting versions 1.0.67 through 1.0.77 (the VulDB description gives the range as "up to 1.0.77"). It resides in the image_drop_upload_ajax and image_delete_ajax functions in submit.php, the AJAX handlers that store images dropped into the editor and remove them again. A path traversal flaw lets an attacker supply a file name or path containing sequences such as ../ (or their percent-encoded forms) that the application joins onto its intended directory without canonicalizing and re-checking the result, so the file operation lands outside that directory. Here that means an upload could be written to, or a delete applied to, a location of the attacker's choosing rather than a file inside the upload directory.

The CVSS 4.0 vector is AV:N/AC:L/AT:N/UI:N/PR:H. The attack is reachable over the network, has no special preconditions and needs no user interaction, but it does require high privileges (PR:H): the attacker must already hold a WikiDocs account entitled to use the image upload and delete functions. It is therefore a post-authentication issue, not one an anonymous visitor can trigger. The impact metrics VC:L/VI:L/VA:L rate the effect on confidentiality, integrity and availability as limited: exploitation can lead to unauthorized file writes or deletions within the reach of the web server process, but the overall damage is constrained. The vendor fixed the issue in version 1.0.78; the patch is commit 98ea9ee4a2052c4327f89d2f7688cc1b5749450d. No exploits are currently reported in the wild. VulDB classifies the entry as critical, while the CVSS 4.0 base score of 5.1 is medium; the lower numeric score reflects the high-privilege requirement and the limited impact metrics weighed against the easy, network-reachable trigger. Organizations running affected versions should upgrade to 1.0.78 promptly and review privileged accounts in the meantime.
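The following is an added illustration of the vulnerability class described above, not code from WikiDocs or from the patch. The advisory names the handlers (image_drop_upload_ajax and image_delete_ajax in submit.php) but not the parameter that carries the file name, so the `name` parameter and the upload root used here are assumptions. It places a naive join next to a hardened version that percent-decodes once, keeps only a single file name component, whitelists characters and re-checks containment of the canonical path.

```python
import posixpath
import re
from urllib.parse import unquote

# Added illustration of the vulnerability class behind CVE-2025-7575, not code
# from WikiDocs. The advisory names the handlers (image_drop_upload_ajax and
# image_delete_ajax in submit.php) but not the parameter that carries the file
# name, so "name" and the upload root below are assumptions for this example.
UPLOAD_ROOT = "/var/www/wikidocs/uploads"


def vulnerable_image_path(name: str) -> str:
    """Naive join: the caller controls every path component, so
    '../../config.php' resolves outside UPLOAD_ROOT."""
    return posixpath.join(UPLOAD_ROOT, name)


def escapes_root(path: str) -> bool:
    """True when the canonical form of `path` is not under UPLOAD_ROOT."""
    canonical = posixpath.normpath(path)
    return posixpath.commonpath([UPLOAD_ROOT, canonical]) != UPLOAD_ROOT


def safe_image_path(name: str) -> str:
    """Hardened version: only a single, conservative file name is accepted
    and the joined result is re-checked for containment."""
    # Decode percent-encoding exactly once so ..%2f is seen as ../ ; a
    # double-encoded value decodes to a literal '%' and fails the whitelist.
    decoded = unquote(name)
    # NUL can truncate the name in a C-backed file API; backslashes are
    # directory separators on Windows hosts.
    if decoded == "" or "\x00" in decoded or "\\" in decoded:
        raise ValueError("invalid file name")
    # Keep only the last component. If that differs from the input, the
    # caller supplied directory separators and the request is rejected
    # rather than silently "fixed".
    base = posixpath.basename(decoded)
    if base != decoded or base in (".", ".."):
        raise ValueError("path traversal attempt rejected")
    # Whitelist the characters an image file name legitimately needs; the
    # leading class also refuses dotfiles such as .htaccess.
    if not re.fullmatch(r"[A-Za-z0-9][A-Za-z0-9._-]*", base):
        raise ValueError("invalid characters in file name")
    candidate = posixpath.normpath(posixpath.join(UPLOAD_ROOT, base))
    # Defense in depth: the canonical path must still sit under the root.
    # On a live system also apply os.path.realpath so a symlink placed
    # inside the upload directory cannot point elsewhere.
    if escapes_root(candidate):
        raise ValueError("path traversal attempt rejected")
    return candidate


if __name__ == "__main__":
    for probe in ["logo.png", "../../config.php", "..%2f..%2fconfig.php",
                  "%252e%252e%252fconfig.php", "logo.png%00.php", "sub/x.png"]:
        naive = vulnerable_image_path(unquote(probe))
        try:
            hardened = safe_image_path(probe)
        except ValueError as exc:
            hardened = f"rejected ({exc})"
        print(f"{probe!r:32} naive escapes root: {escapes_root(naive)!s:5} "
              f"hardened: {hardened}")
```

The rejection-rather-than-repair choice matters: stripping "../" from input and continuing lets "....//" collapse back into a traversal, whereas refusing any name that is not a bare file name has no such edge cases.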
Potential Impact
For European organizations, the impact of CVE-2025-7575 depends largely on how widely Zavy86 WikiDocs is deployed in their IT environments. WikiDocs is typically used for collaborative documentation and knowledge management and often holds sensitive internal information. Exploitation of this path traversal flaw lets an attacker who already holds a privileged wiki account write or delete files outside the intended upload directory, which can expose or destroy confidential documents and disrupt the documentation service. This can lead to information leakage, operational disruption and reputational damage. Because high privileges are required, the realistic scenario is a stolen, shared or malicious privileged account: the traversal then becomes the second step of an attack chain that began with credential theft or an insider. The medium severity indicates that the bug on its own is unlikely to yield full system compromise without additional vulnerabilities or misconfigurations. Even so, in regulated sectors common in Europe such as finance, healthcare and government, any unauthorized data access or service disruption can have compliance and legal consequences under GDPR and other data protection regulations.
Mitigation Recommendations
1. Upgrade all affected WikiDocs instances to version 1.0.78 or later, which contains the vendor patch (commit 98ea9ee4a2052c4327f89d2f7688cc1b5749450d).
2. Since exploitation requires high privileges, review which accounts can use the image upload and delete functions, remove or downgrade accounts that do not need them, and protect the remaining privileged accounts with strong credentials and, where the deployment allows, multi-factor authentication at the reverse proxy or SSO layer.
3. If you maintain a fork or local modifications of WikiDocs, validate file name parameters in the upload and delete handlers independently of the vendor patch: accept only a single file name component, reject directory separators, ".." and NUL bytes after percent-decoding, and verify that the canonicalized target still lies within the upload directory.
4. Run the application under a dedicated system account and restrict file system permissions so the web server process can write only to the upload directory; containers, chroot or AppArmor/SELinux profiles limit what a successful traversal can reach.
5. Monitor web server and application logs for requests to submit.php that contain ../ or its encoded forms, and for deletions or writes outside the upload directory; note that the file name in a multipart upload travels in the request body and will not appear in a standard access log.
6. Include path traversal cases for file upload and delete endpoints in regular security audits and penetration tests.
7. Where a web application firewall fronts the wiki, enable rules that decode percent-encoding (including double encoding) before matching traversal patterns on the affected endpoints; treat this as a stopgap, not a replacement for the upgrade.
8. Keep administrators and developers informed about secure file handling and the importance of timely patching.
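An added detection example for the log-monitoring recommendation above, not a WikiDocs component. The access-log lines are constructed for this example in the common "combined" layout, and the `action=` and `file=` query parameter names are assumptions, since the advisory names the handlers but not their inputs. The scanner percent-decodes each request target until it stops changing, so double-encoded traversal sequences are caught, and reports only requests to the affected script.

```python
import re
from urllib.parse import unquote

# Added detection example for CVE-2025-7575 monitoring, not WikiDocs code.
# Constructed sample access-log lines (combined format). The "action=" and
# "file=" parameter names are assumptions for this illustration.
SAMPLE_LOG = """\
203.0.113.10 - admin [14/Jul/2025:05:16:03 +0000] "POST /submit.php?action=image_drop_upload_ajax HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.10 - admin [14/Jul/2025:05:16:09 +0000] "POST /submit.php?action=image_delete_ajax&file=..%2F..%2Fconfig.php HTTP/1.1" 200 44 "-" "Mozilla/5.0"
198.51.100.7 - - [14/Jul/2025:05:17:00 +0000] "GET /index.php?page=home HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
198.51.100.7 - editor [14/Jul/2025:05:17:30 +0000] "POST /submit.php?action=image_delete_ajax&file=%252e%252e%252f%252e%252e%252fetc%252fpasswd HTTP/1.1" 404 12 "-" "curl/8.4.0"
192.0.2.5 - editor [14/Jul/2025:05:18:00 +0000] "POST /submit.php?action=image_delete_ajax&file=logo.png HTTP/1.1" 200 44 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# "../" or "..\" anywhere in the decoded target, or a trailing ".." component.
TRAVERSAL_RE = re.compile(r"\.\.(?:[\\/]|$)")
AFFECTED_SCRIPT = "/submit.php"


def decode_fully(value: str, max_rounds: int = 3) -> str:
    """Percent-decode until the string stops changing, so %252e%252e%252f
    (double-encoded ../) is caught as well as plain %2e%2e%2f."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def find_traversal_requests(log_text: str) -> list[dict]:
    """Return requests to the affected script whose decoded target contains
    a traversal sequence, with the fields an analyst needs to triage them."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line in the expected layout
        target = decode_fully(m.group("target"))
        path = target.split("?", 1)[0]
        if path != AFFECTED_SCRIPT:
            continue
        if TRAVERSAL_RE.search(target):
            hits.append({
                "ip": m.group("ip"),
                "user": m.group("user"),
                "status": int(m.group("status")),
                "target": target,
            })
    return hits


if __name__ == "__main__":
    for hit in find_traversal_requests(SAMPLE_LOG):
        print(f"{hit['ip']:15} user={hit['user']:8} "
              f"status={hit['status']} {hit['target']}")
```

Two caveats when running this against real logs: a 2xx status on a flagged delete request is the one to escalate, since a 4xx usually means the attempt failed or was blocked; and because the upload handler is a POST whose file name sits in the multipart body, access logs alone cannot see upload-side traversal, so application-level or WAF logging is needed for that endpoint.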
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.1 (CVE record format)
- Assigner Short Name: VulDB
- Date Reserved: 2025-07-13T07:28:03.828Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68749293a83201eaacc2106f
Added to database: 7/14/2025, 5:16:03 AM
Last enriched: 7/14/2025, 5:31:25 AM
Last updated: 7/16/2025, 8:58:56 AM