CVE-2025-54317 | THREATINT

Description

An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution (RCE).

PUBLISHED Reserved 2025-07-20 | Published 2025-07-20 | Updated 2025-07-30 | Assigner mitre

HIGH: 8.4CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

Problem types

CWE-23 Relative Path Traversal

Product status

Default status

unaffected

Any version before 7.6.0

affected

References

servicedesk.logpoint.com/...tes-Allows-Remote-Code-Execution

servicedesk.logpoint.com/...s/7201103730845-Product-Security

cve.org (CVE-2025-54317)

nvd.nist.gov (CVE-2025-54317)

Download JSON