CVE-2025-13879 — LOW (2.7) — White Hats Nepal

Vulnerability Description

Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an authenticated user with administrator privileges to list directories other than those to which the have authorized access using the 'directory' parameter in '/mod/ajax.php?action=sections/list/list'.For examplem setting the 'directory' parameter to '/' displays files outside the 'LOCAL:///' folder.

CVSS Score

2.7

LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Efficientip	Solidserver Ip Address Management	8.2.3

Related Weaknesses (CWE)

CWE-22

References

https://efficientip.com/resources/solidserver-ipam-solutions-3/Product
https://www.incibe.es/en/incibe-cert/notices/aviso/directory-traversal-vulnerabiThird Party Advisory

FAQ

What is CVE-2025-13879?

CVE-2025-13879 is a vulnerability with a CVSS score of 2.7 (LOW). Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an authenticated user with administrator privileges to list directories other than those to which the have autho...

How severe is CVE-2025-13879?

CVE-2025-13879 has been rated LOW with a CVSS base score of 2.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-13879?

Check the references section above for vendor advisories and patch information. Affected products include: Efficientip Solidserver Ip Address Management.