CVE 8.8 HIGH

ConvertX has Path Traversal that leads to Arbitrary File Write and Arbitrary Code Execution_CVE-2025-66449

December 15, 2025 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

ConvertXis a self-hosted online file converter. In versions prior to 0.16.0, the endpoint `/upload` allows an authenticated user to write arbitrary files on the system, overwriting binaries and allowing code execution. The upload function takes `file.name` directly from user supplied data without doing any sanitization on the name thus allowing for arbitrary file write. This can be used to overwrite system binaries with ones provided from an attacker allowing full code execution. Version 0.16.0 contains a patch for the issue.

AI Analysis

Path Traversal vulnerability allowing arbitrary file write and code execution

Basic Information

ID CVE-2025-66449

Source GitHub_M

Published Dec 16, 2025 at 00:10

Affected Product

Vendor C4illin

Product ConvertX

Version < 0.16.0

Affected Versions C4illin ConvertX < 0.16.0

CWE Classification

CWE-22 CWE-73 CWE-434

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor C4illin

Product ConvertX

Version < 0.16.0

References

{
    "lastseen": "",
    "description": "ConvertXis a self-hosted online file converter. In versions prior to 0.16.0, the endpoint `/upload` allows an authenticated user to write arbitrary files on the system, overwriting binaries and allowing code execution. The upload function takes `file.name` directly from user supplied data without doing any sanitization on the name thus allowing for arbitrary file write. This can be used to overwrite system binaries with ones provided from an attacker allowing full code execution. Version 0.16.0 contains a patch for the issue.",
    "published": "2025-12-16T00:10:49.204Z",
    "modified": "2025-12-16T00:10:49.204Z",
    "type": "cve",
    "title": "ConvertX has Path Traversal that leads to Arbitrary File Write and Arbitrary Code Execution",
    "source": "GitHub_M",
    "references": "https://github.com/C4illin/ConvertX/security/advisories/GHSA-cpww-gwgc-p72r\nhttps://github.com/C4illin/ConvertX/commit/550f472451755d095cf5802bc91f403e85b7129e\nhttps://github.com/C4illin/ConvertX/blob/4ae2aab66ace7cdcc14c5a16ecaaf2372b9ccbdf/src/pages/upload.tsx#L27-L30",
    "id": "CVE-2025-66449",
    "bulletinFamily": "",
    "cwe": [
        "CWE-22",
        "CWE-73",
        "CWE-434"
    ],
    "cvelist": null,
    "sourceData": "C4illin ConvertX < 0.16.0",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "ConvertX",
    "version": "< 0.16.0",
    "vendor": "C4illin",
    "ai_description": "Path Traversal vulnerability allowing arbitrary file write and code execution",
    "ai_severity": "High",
    "ai_vendor": "C4illin",
    "ai_product": "ConvertX",
    "ai_version": "< 0.16.0",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply