CVE-2025-7452 | kone-net go-chat up to f9e58d0afa9bbdb31faf25e7739da330692c4c63 Endpoint file_controller.go GetFile fileName path traversal (Issue 14)

A vulnerability was found in kone-net go-chat up to f9e58d0afa9bbdb31faf25e7739da330692c4c63. It has been declared as critical. This vulnerability affects the function GetFile of the file go-chat/api/v1/file_controller.go of the component Endpoint. The manipulation of the argument fileName leads to path traversal.

This vulnerability was named CVE-2025-7452. The attack can be initiated remotely. Furthermore, there is an exploit available.

This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

CVE-2025-7452 | kone-net go-chat up to f9e58d0afa9bbdb31faf25e7739da330692c4c63 Endpoint file_controller.go GetFile fileName path traversal (Issue 14)

Post correlati

CVE-2024-0246 | IceWarp 12.0.2.1/12.0.3.1 Utility Download /install/ lang cross site scripting

CVE-2023-44297 | Dell PowerEdge BIOS 1.4.4 unknown vulnerability (dsa-2023-429)

CVE-2023-51989 | D-Link DIR-822 1.0.2 HNAP1 Interface hard-coded password

CVE-2024-48907 | Sematell Sematell ReplyOne 7.4.3.0 Application Server API server-side request forgery (SYSS-2024-083)