exploitDog

CVE-2025-46094

Опубликовано: 04 авг. 2025

Источник: nvd

CVSS3: 3.8

EPSS Низкий

Описание

LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript.

Ссылки

https://docs.liquidfiles.com/release_notes/version_4-1-x.html
Release Notes
https://projectblack.io/blog/liquidfiles-vulnerability-authenticated-rce/
Exploit
Third Party Advisory
https://projectblack.io/blog/liquidfiles-vulnerability-authenticated-rce/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:liquidfiles:liquidfiles:*:*:*:*:*:*:*:*

Версия до 4.1.2 (исключая)

EPSS

Процентиль: 24%

0.00078

Низкий

3.8 Low

CVSS3

Дефекты

CWE-24

Связанные уязвимости

CVE-2025-46094

redhat

19 дней назад

LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript.

GHSA-77rv-vmxx-p9gp

CVSS3: 3.8

github

18 дней назад

LiquidFiles before 4.1.2 allows directory traversal by configuring the pathname of a local executable file as an Actionscript.

EPSS

Процентиль: 24%

0.00078

Низкий

3.8 Low

CVSS3

Дефекты

CWE-24