Vulnerability Description
A vulnerability has been found in MigoXLab LMeterX 1.2.0 and classified as critical. Affected by this vulnerability is the function process_cert_files of the file backend/service/upload_service.py. The manipulation of the argument task_id leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is f1b00597e293d09452aabd4fa57f3185207350e8. It is recommended to apply a patch to fix this issue.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Migoxlab | Lmeterx | 1.2.0 |
Related Weaknesses (CWE)
References
- https://github.com/MigoXLab/LMeterX/commit/f1b00597e293d09452aabd4fa57f318520735Patch
- https://github.com/MigoXLab/LMeterX/issues/10ExploitIssue TrackingPatch
- https://github.com/MigoXLab/LMeterX/issues/10#issue-3255375024ExploitIssue TrackingPatch
- https://github.com/MigoXLab/LMeterX/issues/10#issuecomment-3136380379ExploitIssue TrackingPatch
- https://vuldb.com/?ctiid.319225Permissions RequiredVDB Entry
- https://vuldb.com/?id.319225Third Party AdvisoryVDB Entry
- https://vuldb.com/?submit.621741ExploitThird Party AdvisoryVDB Entry
- https://github.com/MigoXLab/LMeterX/issues/10ExploitIssue TrackingPatch
FAQ
What is CVE-2025-8729?
CVE-2025-8729 is a vulnerability with a CVSS score of 6.3 (MEDIUM). A vulnerability has been found in MigoXLab LMeterX 1.2.0 and classified as critical. Affected by this vulnerability is the function process_cert_files of the file backend/service/upload_service.py. Th...
How severe is CVE-2025-8729?
CVE-2025-8729 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-8729?
Check the references section above for vendor advisories and patch information. Affected products include: Migoxlab Lmeterx.