Skip to main content

OpenWGA CVE-2025-12250

LOW
Path Traversal (CWE-22)
2025-10-27 cna@vuldb.com
2.0
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.0 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Apr 29, 2026 - 02:31 vuln.today

DescriptionCVE.org

A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file WGA.File of the component TMLScript API. Executing manipulation can lead to path traversal. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

AnalysisAI

Path traversal vulnerability in OpenWGA 7.11.12 Build 737 TMLScript API WGA.File component allows high-privileged remote attackers to manipulate file paths and access unauthorized resources. The vulnerability has publicly available exploit code and an extremely low EPSS score (0.07%, percentile 22%), suggesting limited real-world exploitation despite network accessibility, likely due to the requirement for high-level authentication that restricts practical attack surface.

Technical ContextAI

OpenWGA is a web content management framework built on TMLScript, a server-side templating language. The WGA.File component provides file system operations within TMLScript templates. CWE-22 (Improper Limitation of a Pathname to a Restricted Directory) indicates the vulnerability stems from insufficient validation of file path inputs, allowing directory traversal sequences (e.g., '../../../') to escape intended directory boundaries. The TMLScript API likely processes user-supplied or template-derived path arguments without proper canonicalization or sandboxing, enabling access to files outside the application's intended working directory.

Affected ProductsAI

OpenWGA version 7.11.12 Build 737 is explicitly confirmed as vulnerable. The CVE description does not specify whether earlier versions are affected or whether later versions have been patched. No CPE data is available in the references to establish a definitive version range. No vendor advisory or security bulletin has been identified to clarify scope of affected versions.

RemediationAI

No vendor-released patch has been identified at time of analysis. The vendor did not respond to early disclosure attempts per the CVE description, indicating no official fix timeline is established. Immediate compensating controls include: restrict network access to the OpenWGA application to trusted networks only using firewall or reverse proxy rules to limit who can reach the authentication boundary; disable or restrict the WGA.File TMLScript API component if not actively used in templates by removing permissions or blocking the component in the application configuration (verify this does not break critical functionality); enforce strict file system permissions on the OpenWGA application directory to prevent write access to sensitive files even if path traversal succeeds; and conduct a security review of all TMLScript templates to identify and remove direct file path manipulation, replacing dynamic paths with a whitelist-based approach. Organizations should monitor for vendor patches or consider upgrading to a newer major version if available, though version 7.x appears to be the active line.

Share

CVE-2025-12250 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy