
THREATINT
PUBLISHED

CVE-2025-55013

Assemblyline 4 Service Client: Arbitrary Write through path traversal in Client code



Description

The Assemblyline 4 Service Client interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4. In versions below 4.6.1.dev138, the Assemblyline 4 Service Client (task_handler.py) accepts a SHA-256 value returned by the service server and uses it directly as a local file name. A malicious or compromised server (or any man-in-the-middle that can speak to the client) can return a path-traversal payload such as `../../../etc/cron.d/evil` and force the client to write the downloaded bytes to an arbitrary location on disk. This is fixed in version 4.6.1.dev138.
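The defensive pattern the fix implies is to never trust a server-supplied "SHA-256" as a file name: check that it has the exact shape of a hex digest before joining it to a path, confirm the resolved path still sits directly under the intended directory, and verify that the downloaded bytes actually hash to the claimed digest. The following is an added illustration written for this page, not the Assemblyline project's own code; the function names, the `UnsafeServerValue` exception and the task directory are assumptions, and the traversal string is the one quoted in the description above.

```python
import hashlib
import re
import tempfile
from pathlib import Path

# A SHA-256 hex digest is exactly 64 lowercase hex characters; anything else
# (including "../" sequences, slashes, or mixed case) is rejected outright.
SHA256_HEX = re.compile(r"[0-9a-f]{64}")


class UnsafeServerValue(ValueError):
    """Raised when a server-supplied value must not be used as a file name (assumed name)."""


def validated_sha256(value) -> str:
    """Return value unchanged if it is a well-formed lowercase SHA-256 hex digest."""
    if not isinstance(value, str) or SHA256_HEX.fullmatch(value) is None:
        raise UnsafeServerValue(f"rejected server-supplied file name: {value!r}")
    return value


def safe_local_path(base_dir: str, sha256: str) -> Path:
    """Build base_dir/<sha256>, refusing anything that escapes base_dir."""
    base = Path(base_dir).resolve()
    candidate = (base / validated_sha256(sha256)).resolve()
    # Defence in depth: the regex already forbids separators, but assert
    # containment anyway so a later regex change cannot silently reopen the hole.
    if candidate.parent != base:
        raise UnsafeServerValue(f"path escapes task directory: {candidate}")
    return candidate


def is_safe(base_dir: str, sha256) -> bool:
    """Boolean convenience wrapper around safe_local_path for callers and tests."""
    try:
        safe_local_path(base_dir, sha256)
        return True
    except UnsafeServerValue:
        return False


def digest_matches(data: bytes, sha256: str) -> bool:
    """True if the downloaded bytes hash to the digest the server claimed."""
    return hashlib.sha256(data).hexdigest() == sha256


def store_task_file(base_dir: str, sha256: str, data: bytes) -> Path:
    """Write downloaded bytes to base_dir/<sha256> only if name and content check out."""
    path = safe_local_path(base_dir, sha256)
    if not digest_matches(data, sha256):
        raise UnsafeServerValue("downloaded bytes do not match the claimed SHA-256")
    path.write_bytes(data)
    return path


if __name__ == "__main__":
    # Constructed demonstration: a throwaway task directory and a small payload.
    with tempfile.TemporaryDirectory() as task_dir:
        payload = b"hello"
        good = hashlib.sha256(payload).hexdigest()
        print("stored at", store_task_file(task_dir, good, payload))

        # The traversal payload quoted in the advisory description is refused
        # before any file is opened.
        print("traversal accepted?", is_safe(task_dir, "../../../etc/cron.d/evil"))
```

Rejecting on shape first means the containment check is a second line of defence rather than the only one, and verifying the digest over the bytes closes the related case where a server returns a well-formed name but different content.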

Reserved 2025-08-04 | Published 2025-08-09 | Updated 2025-08-09 | Assigner GitHub_M


CRITICAL: 10.0 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:H

Problem types

CWE-23: Relative Path Traversal

Product status

< 4.6.1.dev138: affected

References

github.com/...lyline/security/advisories/GHSA-75jv-vfxf-3865

github.com/...ommit/351414e7e96cc1f5640ae71ae51b939e8ba30900

cve.org (CVE-2025-55013)

nvd.nist.gov (CVE-2025-55013)
