CVE-2025-1086 | Safetytest Cloud-Master Server up to 1.1.1 /static/ path traversal

A vulnerability has been found in Safetytest Cloud-Master Server up to 1.1.1 and classified as critical. This vulnerability affects unknown code of the file /static/. The manipulation leads to path traversal: ‘../filedir’.

This vulnerability was named CVE-2025-1086. The attack can be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

It is recommended to apply restrictive firewalling.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2025-1086 | Safetytest Cloud-Master Server up to 1.1.1 /static/ path traversal

Post correlati

CVE-2024-10653 | Changing Information Technology IDExpert up to 2.8 Administrator Interface os command injection

CVE-2024-38863 | Checkmk up to 2.1.0p47/2.2.0p34/2.3.0p17 get request method with sensitive query strings

CVE-2023-50470 | SeaCMS 12.8 admin_video.php action cross site scripting

CVE-2024-5663 | Cards for Beaver Builder Plugin up to 1.1.3 on WordPress Cards Widget cross site scripting