{"id":666,"date":"2025-04-19T11:01:50","date_gmt":"2025-04-19T11:01:50","guid":{"rendered":"http:\/\/localhost\/?p=666"},"modified":"2025-04-19T11:01:50","modified_gmt":"2025-04-19T11:01:50","slug":"cve-2025-32779","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=666","title":{"rendered":"CVE-2025-32779"},"content":{"rendered":"<div class=\"vulnerability-details\">\n<h2>Vulnerability Details<\/h2>\n<div class=\"info-section\">\n<h3>Basic Information<\/h3>\n<table class=\"info-table\">\n<tr>\n<th>Title<\/th>\n<td>CVE-2025-32779<\/td>\n<\/tr>\n<tr>\n<th>Type<\/th>\n<td>redhatcve<\/td>\n<\/tr>\n<tr>\n<th>Published<\/th>\n<td>2025-04-17T17:09:35<\/td>\n<\/tr>\n<tr>\n<th>Last Seen<\/th>\n<td>2025-04-17T17:11:54<\/td>\n<\/tr>\n<tr>\n<th>CVSS Score<\/th>\n<td style=\"color: #666666; font-weight: bold;\">0.0 ()<\/td>\n<\/tr>\n<\/table><\/div>\n<div class=\"cvss-section\">\n<h3>CVSS v3 Details<\/h3>\n<table class=\"cvss-table\">\n<tr>\n<th>Attack Vector<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Attack Complexity<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Privileges Required<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>User Interaction<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Scope<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Confidentiality Impact<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Integrity Impact<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Availability Impact<\/th>\n<td><\/td>\n<\/tr>\n<\/table><\/div>\n<div class=\"cve-section\">\n<h3>CVE Information<\/h3>\n<table class=\"cve-table\">\n<tr>\n<th>CVE IDs<\/th>\n<td>CVE-2025-32779<\/td>\n<\/tr>\n<tr>\n<th>CWE<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Bulletin Family<\/th>\n<td>info<\/td>\n<\/tr>\n<\/table><\/div>\n<div class=\"description-section\">\n<h3>Description<\/h3>\n<div class=\"description-content\">\n            E.D.D.I (Enhanced Dialog Driven Interface) is a middleware to connect and manage LLM API bots. In versions before 5.5.0, an attacker with access to the `\/backup\/import` API endpoint can write arbitrary files to locations outside the intended extraction directory due to a Zip Slip vulnerability. Although the application runs as a non-root user (`185`), limiting direct impact on system-level files, this vulnerability can still be exploited to overwrite application files (e.g., JAR libraries) owned by the application user. This overwrite can potentially lead to Remote Code Execution (RCE) within the application&#8217;s context. This issue has been patched in version 5.5.0.<\/p><\/div>\n<\/p><\/div>\n<div class=\"impact-section\">\n<h3>Impact Assessment<\/h3>\n<table class=\"impact-table\">\n<tr>\n<th>Base Score<\/th>\n<td>0.0<\/td>\n<\/tr>\n<tr>\n<th>Severity<\/th>\n<td style=\"color: #666666;\"><\/td>\n<\/tr>\n<\/table><\/div>\n<div class=\"source-link\">\n<p><a href=\"https:\/\/access.redhat.com\/security\/cve\/cve-2025-32779\" target=\"_blank\">View full CVE details<\/a><\/p>\n<\/p><\/div>\n<\/div>\n<style>\n.vulnerability-details {\n    font-family: Arial, sans-serif;\n    max-width: 1200px;\n    margin: 0 auto;\n    padding: 20px;\n}<\/p>\n<p>.info-section, .cvss-section, .cve-section, .description-section, .impact-section {\n    margin-bottom: 30px;\n    background: #f8f9fa;\n    padding: 20px;\n    border-radius: 8px;\n    box-shadow: 0 2px 4px rgba(0,0,0,0.1);\n}<\/p>\n<p>h2 {\n    color: #2c3e50;\n    border-bottom: 2px solid #3498db;\n    padding-bottom: 10px;\n    margin-bottom: 20px;\n}<\/p>\n<p>h3 {\n    color: #34495e;\n    margin-bottom: 15px;\n}<\/p>\n<p>.info-table, .cvss-table, .cve-table, .impact-table {\n    width: 100%;\n    border-collapse: collapse;\n    margin-bottom: 20px;\n}<\/p>\n<p>.info-table th, .cvss-table th, .cve-table th, .impact-table th {\n    background: #e9ecef;\n    padding: 12px;\n    text-align: left;\n    width: 200px;\n}<\/p>\n<p>.info-table td, .cvss-table td, .cve-table td, .impact-table td {\n    padding: 12px;\n    border-bottom: 1px solid #dee2e6;\n}<\/p>\n<p>.description-content {\n    line-height: 1.6;\n    color: #2c3e50;\n}<\/p>\n<p>.source-link {\n    text-align: center;\n    margin-top: 30px;\n}<\/p>\n<p>.source-link a {\n    display: inline-block;\n    padding: 10px 20px;\n    background: #3498db;\n    color: white;\n    text-decoration: none;\n    border-radius: 5px;\n    transition: background 0.3s;\n}<\/p>\n<p>.source-link a:hover {\n    background: #2980b9;\n}\n<\/style>\n","protected":false},"excerpt":{"rendered":"<p>Vulnerability Details Basic Information Title CVE-2025-32779 Type redhatcve Published 2025-04-17T17:09:35 Last Seen 2025-04-17T17:11:54 CVSS Score 0.0 () CVSS v3 Details Attack Vector Attack Complexity Privileges&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,26,12,21,13,56,7,11,5],"class_list":["post-666","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-65","tag-exploit","tag-medium","tag-news","tag-redhatcve","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>CVE-2025-32779 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=666\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"CVE-2025-32779 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"Vulnerability Details Basic Information Title CVE-2025-32779 Type redhatcve Published 2025-04-17T17:09:35 Last Seen 2025-04-17T17:11:54 CVSS Score 0.0 () CVSS v3 Details Attack Vector Attack Complexity Privileges...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=666\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-04-19T11:01:50+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=666#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=666\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"CVE-2025-32779\",\"datePublished\":\"2025-04-19T11:01:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=666\"},\"wordCount\":163,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-6.5\",\"exploit\",\"MEDIUM\",\"news\",\"redhatcve\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=666#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=666\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=666\",\"name\":\"CVE-2025-32779 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-04-19T11:01:50+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=666#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=666\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=666#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"CVE-2025-32779\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"CVE-2025-32779 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=666","og_locale":"en_US","og_type":"article","og_title":"CVE-2025-32779 - zero redgem","og_description":"Vulnerability Details Basic Information Title CVE-2025-32779 Type redhatcve Published 2025-04-17T17:09:35 Last Seen 2025-04-17T17:11:54 CVSS Score 0.0 () CVSS v3 Details Attack Vector Attack Complexity Privileges...","og_url":"https:\/\/zero.redgem.net\/?p=666","og_site_name":"zero redgem","article_published_time":"2025-04-19T11:01:50+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=666#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=666"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"CVE-2025-32779","datePublished":"2025-04-19T11:01:50+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=666"},"wordCount":163,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-6.5","exploit","MEDIUM","news","redhatcve","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=666#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=666","url":"https:\/\/zero.redgem.net\/?p=666","name":"CVE-2025-32779 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-04-19T11:01:50+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=666#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=666"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=666#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"CVE-2025-32779"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/666","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=666"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/666\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=666"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=666"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=666"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}