CVE-2025-54769
HIGHDescription
An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution (RCE) by an attacker.
Is your site exposed to CVE-2025-54769?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| xorux | lpar2rrd |
References
Frequently Asked Questions
What is CVE-2025-54769? +
How severe is CVE-2025-54769? +
What products are affected by CVE-2025-54769? +
How do I check if I'm vulnerable to CVE-2025-54769? +
Related Vulnerabilities
esm.sh is a nobuild content delivery network(CDN) for modern web development. In 136 and earlier, a path-traversal flaw in the …
Webmin before 2.640 does not safely construct a filename for saving of an attachment within the mailboxes component. This occurs …
Emlog Pro 2.5.20 has an arbitrary file deletion vulnerability. This vulnerability stems from the admin/template.php component and the admin/plugin.php component. …
The WP Compress – Image Optimizer [All-In-One] plugin for WordPress is vulnerable to Directory Traversal in all versions up to, …
The /charms endpoint on a Juju controller lacked sufficient authorization checks, allowing any user with an account on the controller …
Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. Nuxt Devtools is missing …