Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-13661

Summary
Assigner-ivanti
Assigner Org ID-3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Published At-09 Dec, 2025 | 16:01
Updated At-26 Feb, 2026 | 16:57
Rejected At-
Credits

Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:ivanti
Assigner Org ID:3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Published At:09 Dec, 2025 | 16:01
Updated At:26 Feb, 2026 | 16:57
Rejected At:
▼CVE Numbering Authority (CNA)

Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required.

Affected Products
Vendor
Ivanti SoftwareIvanti
Product
Endpoint Manager
Default Status
affected
Versions
Unaffected
  • 2024 SU4 SR1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-22CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Type: CWE
CWE ID: CWE-22
Description: CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Metrics
VersionBase scoreBase severityVector
3.17.1HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-126CAPEC-126 Path Traversal
CAPEC ID: CAPEC-126
Description: CAPEC-126 Path Traversal
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024
N/A
Hyperlink: https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Published At:09 Dec, 2025 | 16:17
Updated At:11 Dec, 2025 | 17:28

Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 allows a remote authenticated attacker to write arbitrary files outside of the intended directory. User interaction is required.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.1HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Primary3.18.0HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.1
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 8.0
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CPE Matches
Ivanti Software
ivanti
>>endpoint_manager>>Versions before 2024(exclusive)
cpe:2.3:a:ivanti:endpoint_manager:*:*:*:*:*:*:*:*
Ivanti Software
ivanti
>>endpoint_manager>>2024
cpe:2.3:a:ivanti:endpoint_manager:2024:-:*:*:*:*:*:*
Ivanti Software
ivanti
>>endpoint_manager>>2024
cpe:2.3:a:ivanti:endpoint_manager:2024:su1:*:*:*:*:*:*
Ivanti Software
ivanti
>>endpoint_manager>>2024
cpe:2.3:a:ivanti:endpoint_manager:2024:su2:*:*:*:*:*:*
Ivanti Software
ivanti
>>endpoint_manager>>2024
cpe:2.3:a:ivanti:endpoint_manager:2024:su3:*:*:*:*:*:*
Ivanti Software
ivanti
>>endpoint_manager>>2024
cpe:2.3:a:ivanti:endpoint_manager:2024:su3_security_release_1:*:*:*:*:*:*
Ivanti Software
ivanti
>>endpoint_manager>>2024
cpe:2.3:a:ivanti:endpoint_manager:2024:su4:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-22Primary3c1d8aa1-5a33-4ea4-8992-aadd6440af75
CWE ID: CWE-22
Type: Primary
Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-20243c1d8aa1-5a33-4ea4-8992-aadd6440af75
Vendor Advisory
Hyperlink: https://forums.ivanti.com/s/article/Security-Advisory-EPM-December-2025-for-EPM-2024
Source: 3c1d8aa1-5a33-4ea4-8992-aadd6440af75
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

56Records found
CVE-2024-24591
Matching Score-4
Assigner-HiddenLayer, Inc.
ShareView Details
Matching Score-4
Assigner-HiddenLayer, Inc.
CVSS Score-8||HIGH
EPSS-0.53% / 66.92%
||
7 Day CHG+0.08%
Published-06 Feb, 2024 | 14:40
Updated-15 May, 2025 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A path traversal vulnerability in versions 1.4.0 to 1.14.1 of the client SDK of Allegro AI’s ClearML platform enables a maliciously uploaded dataset to write local or remote files to an arbitrary location on an end user’s system when interacted with.

Action-Not Available
Vendor-clearAllegro.AI
Product-clearmlClearML
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2023-5123
Matching Score-4
Assigner-Grafana Labs
ShareView Details
Matching Score-4
Assigner-Grafana Labs
CVSS Score-8||HIGH
EPSS-0.53% / 67.19%
||
7 Day CHG~0.00%
Published-14 Feb, 2024 | 15:06
Updated-06 Jan, 2026 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper Path Sanitization in JSON Datasource Plugin

The JSON datasource plugin ( https://grafana.com/grafana/plugins/marcusolsson-json-datasource/ ) is a Grafana Labs maintained plugin for Grafana that allows for retrieving and processing JSON data from a remote endpoint (including a specific sub-path) configured by an administrator. Due to inadequate sanitization of the dashboard-supplied path parameter, it was possible to include path traversal characters (../) in the path parameter and send requests to paths on the configured endpoint outside the configured sub-path. This means that if the datasource was configured by an administrator to point at some sub-path of a domain (e.g. https://example.com/api/some_safe_api/ ), it was possible for an editor to create a dashboard referencing the datasource which issues queries containing path traversal characters, which would in turn cause the datasource to instead query arbitrary subpaths on the configured domain (e.g. https://example.com/api/admin_api/) . In the rare case that this plugin is configured by an administrator to point back at the Grafana instance itself, this vulnerability becomes considerably more severe, as an administrator browsing a maliciously configured panel could be compelled to make requests to Grafana administrative API endpoints with their credentials, resulting in the potential for privilege escalation, hence the high score for this vulnerability.

Action-Not Available
Vendor-Grafana Labs
Product-json_api_data_sourcegrafana-json-datasource
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-21605
Matching Score-4
Assigner-Jenkins Project
ShareView Details
Matching Score-4
Assigner-Jenkins Project
CVSS Score-8||HIGH
EPSS-0.44% / 62.83%
||
7 Day CHG~0.00%
Published-13 Jan, 2021 | 15:55
Updated-03 Aug, 2024 | 18:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override the global `config.xml` file.

Action-Not Available
Vendor-Jenkins
Product-jenkinsJenkins
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-11826
Matching Score-4
Assigner-Synology Inc.
ShareView Details
Matching Score-4
Assigner-Synology Inc.
CVSS Score-8||HIGH
EPSS-0.86% / 74.68%
||
7 Day CHG~0.00%
Published-30 Jun, 2019 | 15:00
Updated-16 Sep, 2024 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in Synology Moments before 1.3.0-0691 allows remote authenticated users to upload arbitrary files via the name parameter.

Action-Not Available
Vendor-Synology, Inc.
Product-momentsPhoto Moments
CWE ID-CWE-23
Relative Path Traversal
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2019-0887
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8||HIGH
EPSS-55.19% / 98.00%
||
7 Day CHG~0.00%
Published-15 Jul, 2019 | 18:56
Updated-07 Jul, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A remote code execution vulnerability exists in Remote Desktop Services - formerly known as Terminal Services - when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_7remote_desktop_clientwindows_server_2012windows_server_2019windows_rt_8.1windows_10windows_server_2008windows_server_2016windows_8.1windows_11_21h2Multiple
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-28052
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8||HIGH
EPSS-2.04% / 83.56%
||
7 Day CHG~0.00%
Published-13 Apr, 2022 | 14:17
Updated-03 Aug, 2024 | 05:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution.

Action-Not Available
Vendor-roothubn/a
Product-roothubn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
  • Previous
  • 1
  • 2
  • Next
Details not found