CVE-2025-34126

Source
https://cve.org/CVERecord?id=CVE-2025-34126
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-34126.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-34126
Published
2025-07-16T21:10:13.388Z
Modified
2026-07-16T03:31:00.271418812Z
Severity
  • 8.7 (High) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
RIPS Scanner v0.54 Path Traversal
Details

A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This can lead to disclosure of sensitive information.

Database specific
{
    "cwe_ids": [
        "CWE-22"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/34xxx/CVE-2025-34126.json",
    "cna_assigner": "VulnCheck"
}
References

Affected packages

Git / github.com/robocoder/rips-scanner

Affected ranges

Type
GIT
Repo
https://github.com/robocoder/rips-scanner
Events
Database specific
{
    "extracted_events": [
        {
            "introduced": "0.54"
        },
        {
            "last_affected": "0.54"
        }
    ],
    "source": "AFFECTED_FIELD"
}

Affected versions

0.*
0.54

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-34126.json"