Home

Description

wangxutech MoneyPrinterTurbo 1.2.6 allows path traversal via /api/v1/download/ URIs such as /api/v1/download//etc/passwd.

PUBLISHED Reserved 2025-05-30 | Published 2025-09-15 | Updated 2025-09-15 | Assigner mitre

References

www.wangxutech.com

github.com/harry0703/MoneyPrinterTurbo

moneyprinterturbo.net

gist.github.com/Theresasu1/3a9ced1f3d8208cc9f99ce34057cf681

cve.org (CVE-2025-49089)

nvd.nist.gov (CVE-2025-49089)

Download JSON