RIPS Scanner v0.54 Path Traversal_CVE-2025-34126

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This can lead to disclosure of sensitive information.

Basic Information

ID CVE-2025-34126

Source VulnCheck

Published Jul 16, 2025 at 21:10

Modified Jul 17, 2025 at 15:41

Affected Product

Vendor RIPS Technologies

Product RIPS Scanner

Version 0.54

Affected Versions RIPS Technologies RIPS Scanner 0.54

CWE Classification

CWE-22

References

{
    "lastseen": "",
    "description": "A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This can lead to disclosure of sensitive information.",
    "published": "2025-07-16T21:10:13.388Z",
    "modified": "2025-07-17T15:41:29.991Z",
    "type": "cve",
    "title": "RIPS Scanner v0.54 Path Traversal",
    "source": "VulnCheck",
    "references": "https://codesec.blogspot.com/2015/03/rips-scanner-v-054-local-file-include.html\nhttps://www.exploit-db.com/exploits/18660\nhttps://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/rips_traversal.rb\nhttps://rips-scanner.sourceforge.net/\nhttps://www.vulncheck.com/advisories/rips-scanner-path-traversal",
    "id": "CVE-2025-34126",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22"
    ],
    "cvelist": null,
    "sourceData": "RIPS Technologies RIPS Scanner 0.54",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "RIPS Scanner",
    "version": "0.54",
    "vendor": "RIPS Technologies",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}