Home

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Missing Authorization vulnerability in Innorix WP allows Path Traversal.This issue affects Innorix WP from All versions If the "exam" directory exists under the directory where the product is installed (ex: innorix/exam)

PUBLISHED Reserved 2025-12-24 | Published 2025-12-29 | Updated 2025-12-29 | Assigner FSI




MEDIUM: 6.9CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

MEDIUM: 6.2CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-862 Missing Authorization

Product status

Default status
unknown

Any version before *
unknown

Credits

mak3bread(김민성, Minseong Kim) finder

References

www.innorix.com/

www.gnit.co.kr/software/innorix_product.html

cve.org (CVE-2025-15066)

nvd.nist.gov (CVE-2025-15066)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.