CVE-2025-1982

Vulnerability Description

Local File Inclusion vulnerability in Ready's attachment upload panel allows low privileged user to provide link to a local file using the file:// protocol thus allowing the attacker to read content of the file. This vulnerability can be use to read content of system files.

Related Weaknesses (CWE)

CWE-552

References

https://cert.pl/en/posts/2025/04/CVE-2025-1980
https://cert.pl/posts/2025/04/CVE-2025-1980
https://ready-os.com/pl/

FAQ

What is CVE-2025-1982?

CVE-2025-1982 is a documented vulnerability. Local File Inclusion vulnerability in Ready's attachment upload panel allows low privileged user to provide link to a local file using the file:// protocol thus allowing the attacker to read content o...

How severe is CVE-2025-1982?

CVSS scoring is not yet available for CVE-2025-1982. Check NVD for updates.

Is there a patch for CVE-2025-1982?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.