CVE-2025-24886 — HIGH (7.7)

Vulnerability Description

pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Incorrect symlink checks on user specified dojos allows for users (admin not required) to perform an LFI from the CTFd container. When a user clones or updates repositories, a check is performed to see if the repository had contained any symlinks. A malicious user could craft a repository with symlinks pointed to sensitive files and then retrieve them using the CTFd website.

CVSS Score

7.7

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Related Weaknesses (CWE)

CWE-61 CWE-200

References

https://github.com/pwncollege/dojo/security/advisories/GHSA-fcq8-jqq5-9xmh

FAQ

What is CVE-2025-24886?

CVE-2025-24886 is a vulnerability with a CVSS score of 7.7 (HIGH). pwn.college is an education platform to learn about, and practice, core cybersecurity concepts in a hands-on fashion. Incorrect symlink checks on user specified dojos allows for users (admin not requi...

How severe is CVE-2025-24886?

CVE-2025-24886 has been rated HIGH with a CVSS base score of 7.7/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-24886?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.