CVE-2025-27142 | LocalSend up to 1.16.x prepare-upload path traversal (GHSA-f7jp-p6j4-3522)

Inserito da Angelo Barbosa | Feb 25, 2025 | CVE

A vulnerability classified as critical was found in LocalSend up to 1.16.x. Affected by this vulnerability is an unknown functionality of the file /api/localsend/v2/prepare-upload. The manipulation leads to path traversal.

This vulnerability is known as CVE-2025-27142. The attack needs to be initiated within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-27142 | LocalSend up to 1.16.x prepare-upload path traversal (GHSA-f7jp-p6j4-3522)

Post correlati

CVE-2024-6910 | EventON Plugin up to 2.2.16 on WordPress Setting cross site scripting

CVE-2024-20749 | Adobe Acrobat 2020 out-of-bounds (apsb24-07)

CVE-2024-38633 | Linux Kernel up to 6.9.3 max3100 uart_register_driver null pointer dereference

CVE-2024-51574 | Simple Goods Plugin up to 0.1.3 on WordPress cross site scripting