Exploit for Improper Access Control in Vitejs Vite_9349E804-9874-5D40-A4D5-7FAE1725C5AA

7.5 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Description

CVE-2025-30208 Using a special raw import query string on a vite dev server, a attacker can read arbitrary files Summary of the CVE Vite dev servers before 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 can bypass the server.fs.deny file access checks for...

Visit Original Source

Basic Information

ID 9349E804-9874-5D40-A4D5-7FAE1725C5AA

Published Jun 16, 2026 at 14:25

Modified Jun 16, 2026 at 14:30

{
    "lastseen": "2026-06-16T14:42:53",
    "description": "CVE-2025-30208 Using a special raw import query string on a vite dev server, a attacker can read arbitrary files Summary of the CVE Vite dev servers before 6.2.3, 6.1.2, 6.0.12, 5.4.15, and 4.5.10 can bypass the server.fs.deny file access checks for...",
    "published": "2026-06-16T14:25:01",
    "modified": "2026-06-16T14:30:20",
    "type": "githubexploit",
    "title": "Exploit for Improper Access Control in Vitejs Vite",
    "source": "",
    "references": "",
    "id": "9349E804-9874-5D40-A4D5-7FAE1725C5AA",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2025-30208"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 7.5,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/cc3305/CVE-2025-30208",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply