MISP Path Traversal Vulnerability in Event Report Model for Site Admins

Vulnerability

A path traversal vulnerability has been identified in MISP versions prior to 2.5.27. The issue allows site administrators to traverse directories when viewing pictures, potentially leading to unauthorized access to files outside the intended directory.

Impact

Exploitation of this vulnerability could allow a site administrator to access files outside of the designated directory, potentially leading to exposure of sensitive information.

Remediation

Users can upgrade to MISP version 2.5.27 or later to address this vulnerability.

Added: Nov 28, 2025, 7:17 AM
Updated: Nov 28, 2025, 7:17 AM

Vulnerability Rating

Custom Algorithm
spread: 3.1
impact: 0.8
exploitability: 5.5
remediation: 7.7
relevance: 1.2
threat: 3.2
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.