CVE-2025-44177 | THREATINT

Description

A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences.

PUBLISHED Reserved 2025-04-22 | Published 2025-07-09 | Updated 2025-07-09 | Assigner mitre

References

gist.github.com/stSLAYER/4a2ecfbab1215a0be0dde59c4ac0122d

protop.com

cve.org (CVE-2025-44177)

nvd.nist.gov (CVE-2025-44177)

Download JSON