CVE-2025-54317

An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution (RCE).

CVSS v3 8.4 HIGH

8.4^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.7 / Impact : 6.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://servicedesk.logpoint.com/hc/en-us/articles/28685507675549-Path-Traversal-in-Layout-Templates-Allows-Remote-Code-Execution

Configurations

No configuration.

History

22 Jul 2025, 13:06

Type	Values Removed	Values Added
Summary		(es) Se detectó un problema en Logpoint antes de la versión 7.6.0. Un atacante con privilegios de operador puede explotar una vulnerabilidad de path traversal al crear una plantilla de diseño, lo que puede provocar la ejecución remota de código (RCE).

20 Jul 2025, 19:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-20 19:15

Updated : 2025-07-22 13:06

NVD link : CVE-2025-54317

Mitre link : CVE-2025-54317

CVE.ORG link : CVE-2025-54317

JSON object : View

Products Affected

No product.

CWE

CWE-23

Relative Path Traversal

8.4 /10