Full Report
Path Traversal vulnerability (CVE-2025-5993) has been found in ITCube CRM software.
Analysis Summary
# Vulnerability: Path Traversal in ITCube CRM Software (CVE-2025-5993)
## CVE Details
- CVE ID: CVE-2025-5993
- CVSS Score: Information not explicitly provided in the text, assumed Medium to High impact due to arbitrary file read.
- CWE: CWE-22 (Improper Limitation of a Pathname to a Restricted Directory - Path Traversal)
## Affected Systems
- Products: ITCube CRM
- Versions: From 2023.2 through 2025.2
- Configurations: Applicable to installations running the vulnerable versions.
## Vulnerability Description
A Path Traversal vulnerability exists in ITCube CRM versions 2023.2 through 2025.2. An **unauthenticated remote attacker** can exploit the vulnerable parameter named `fileName`. By manipulating this parameter, the attacker can construct path traversal payloads that allow them to read and download **any file accessible by the web server process**.
## Exploitation
- Status: No specific exploitation status mentioned (assumed not confirmed in the wild, but easily demonstrable).
- Complexity: Low (Implied by the nature of unauthenticated path traversal via a parameter).
- Attack Vector: Network (Remote)
## Impact
- Confidentiality: High (Allows unauthorized reading of application or system files).
- Integrity: Low (Primarily an information disclosure flaw; no direct modification capability stated).
- Availability: Low (No direct denial of service mechanism described).
## Remediation
### Patches
- Patches are expected to be available, but specific patch versions or advisories are **not explicitly listed** in the provided text. Users must check official ITCube Software advisories.
### Workarounds
- No specific workarounds were provided in the source material. Temporary measures would typically involve strict input validation or restricting network access if possible, pending official fixes.
## Detection
- Indicators of compromise include unexpected file read operations originating from the web server process, specifically targeting sensitive files (e.g., configuration files, password hashes) using `../` sequences in requests targeting the component that handles the `fileName` parameter.
- Detection methods should involve monitoring web access logs for suspicious request patterns related to file downloading functionality utilizing directory traversal sequences.
## References
- Vendor Advisories: Check official ITCube Software security advisories.
- Relevant Links:
- hxxps://www.cve.org/CVERecord?id=CVE-2025-5993
- hxxps://cert.pl/en/posts/2025/09/vulnerability-in-itcube-crm-software/ (Based on context date)