
Csweb EUVD-2025-208948

CVE-2025-60946 · HIGH
Path Traversal (CWE-22)
2026-03-23 · cisa-cg · GHSA-q4rc-c232-4f3v
8.7 · CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
8.7 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

Breakdown of the NVD base vector above (CVSS 4.0 has no Scope metric; the subsequent-system impact metrics replace it):

Attack Vector (AV): Network
Attack Complexity (AC): Low
Attack Requirements (AT): None
Privileges Required (PR): Low
User Interaction (UI): None
Vulnerable System Impact (VC / VI / VA): High / High / High
Subsequent System Impact (SC / SI / SA): None / None / None
Threat, Environmental and Supplemental metrics: not defined (X)

Lifecycle Timeline (7 events, newest first)

Apr 16, 2026 06:18 · Analysis Updated (EUVD-patch-fix): executive_summary
Apr 16, 2026 05:29 · Re-analysis Queued (backfill_euvd_patch): patch_released
Apr 16, 2026 05:29 · Patch available (EUVD): 8.1.0
Mar 26, 2026 13:27 · PoC Detected (vuln.today): public exploit code
Mar 23, 2026 21:30 · EUVD ID Assigned (euvd): EUVD-2025-208948
Mar 23, 2026 21:30 · Analysis Generated (vuln.today)
Mar 23, 2026 20:59 · CVE Published (nvd): HIGH 8.7

Description (CVE.org)

Census CSWeb 8.0.1 allows arbitrary file path input. A remote, authenticated attacker could access unintended file directories. Fixed in 8.1.0 alpha.

Analysis (AI)

Census CSWeb 8.0.1 contains a path traversal vulnerability (CWE-22): file path input is accepted without validation, so a remote, authenticated attacker can reach files and directories outside the intended location. A public proof-of-concept exploit is available on GitHub (hx381/cspro-exploits), which materially raises the likelihood of exploitation. The NVD CVSS 4.0 score is 8.7 (HIGH): network-reachable, low attack complexity, low privileges required and no user interaction, with High impact to the confidentiality, integrity and availability of the vulnerable system. Because only low privileges are needed, every account that can log in to CSWeb is a potential attacker, and the High integrity and availability ratings mean the flaw should not be assumed to be read-only. Organizations running the affected version should treat this as a high-priority fix.

Technical Context (AI)

Census CSWeb is a web-based data management platform for statistical surveys and census operations, identified by CPE cpe:2.3:a:census:csweb:*:*:*:*:*:*:*:*. The vulnerability is CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), commonly called path traversal or directory traversal. The application builds a file path from user-supplied input without sanitizing it, so sequences such as '../' (including percent-encoded and double-encoded forms such as '%2e%2e%2f' and '%252e%252e%252f') navigate out of the intended directory and reach other files on the host. This class of bug lives in file-handling code that concatenates untrusted input into a path without validation or canonicalization. The general defense is to canonicalize the constructed path (resolving '..' segments and symbolic links) and then verify that the result still lies under the permitted base directory; rejecting the literal substring '../' is not enough, because encoded variants and symlinks bypass such a filter.
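The following is an added illustration, not CSWeb's code and not the logic from the fix commit: a vulnerable path join next to a hardened one, exercised against a throwaway directory tree that the script builds itself. The directory layout, file names and file contents are constructed for the demo; the point is that canonicalizing with realpath() and checking containment defeats '../', absolute paths and symlink escapes alike, while the naive join allows all three.

```python
import os
import tempfile


def join_unsafe(base_dir, user_path):
    """Vulnerable pattern (CWE-22): untrusted input is spliced into a path and
    used as-is. '../' segments escape base_dir, and an absolute user_path makes
    os.path.join discard base_dir entirely."""
    return os.path.join(base_dir, user_path)


def join_safe(base_dir, user_path):
    """Hardened pattern: canonicalize, then verify the result is still inside
    base_dir. realpath() resolves '..' and symlinks, so a link inside base_dir
    that points outside it is rejected, which a plain normpath() check misses."""
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, user_path))
    if os.path.commonpath([base, candidate]) != base:
        raise PermissionError(f"path escapes {base}: {user_path!r}")
    return candidate


def read_with(joiner, base_dir, user_path):
    """Return the file contents, or the exception class name if the read fails."""
    try:
        with open(joiner(base_dir, user_path)) as fh:
            return fh.read()
    except (PermissionError, FileNotFoundError, IsADirectoryError) as exc:
        return type(exc).__name__


def demo():
    """Build a constructed tree (files/ under a temp root, a secret beside it,
    and a symlink from inside files/ to the secret) and probe both joiners."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        files = os.path.join(root, "files")
        os.mkdir(files)
        with open(os.path.join(files, "report.csv"), "w") as fh:
            fh.write("id,value\n1,42\n")
        secret = os.path.join(root, "secret.txt")  # outside the allowed base
        with open(secret, "w") as fh:
            fh.write("db_password=hunter2\n")
        os.symlink(secret, os.path.join(files, "link.txt"))

        # Constructed attacker inputs alongside one legitimate request.
        probes = {
            "legit": "report.csv",
            "dotdot": "../secret.txt",
            "absolute": secret,
            "symlink": "link.txt",
        }
        for name, user_path in probes.items():
            results["unsafe_" + name] = read_with(join_unsafe, files, user_path)
            results["safe_" + name] = read_with(join_safe, files, user_path)
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key:16} -> {value!r}")
```

Running the script shows the unsafe joiner returning the secret for all three hostile probes and the safe joiner returning PermissionError for each while still serving report.csv. The commonpath comparison is the actual security check; it must run on the fully resolved path, and the base directory itself must be resolved the same way, or a symlinked base (common on macOS temp directories) produces false rejections.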

Remediation (AI)

Upgrade Census CSWeb to 8.1.0 or later; the fix first shipped in the 8.1.0 alpha and is recorded in the commit at github.com/csprousers/csweb/commit/eba0b59a243390a1a4f9524cce6dbc0314bf0d91. Where an immediate upgrade is not possible, apply compensating controls: restrict network access to the CSWeb application to trusted IP ranges; audit which accounts can authenticate, since the vector's low privilege requirement (PR:L) means any logged-in user can exploit the flaw, and disable or remove accounts that are not needed; run the web application under a dedicated low-privilege account whose file system permissions bound what a traversal can reach; and enable request and file access logging so that exploitation attempts are recorded. Review web server and authentication logs for requests containing '../' or its encoded variants ('%2e%2e%2f', '%252e%252e%252f', '..\'), for attempts to read sensitive system or configuration files, and for file reads by accounts that do not normally perform them.
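As an added example of the log review suggested above (not part of this page or of CSWeb), the script below scans access-log lines in combined log format for traversal segments, percent-decoding the request target repeatedly so that double-encoded payloads are caught, and ignores a benign filename that merely contains two dots. The log lines, IP addresses, usernames and request paths are constructed for the demo and are not CSWeb routes.

```python
import re
from urllib.parse import unquote

# Constructed sample lines in Apache/nginx combined log format. The request
# paths are illustrative only and are not CSWeb endpoints.
SAMPLE_LOG = """\
10.0.0.5 - alice [16/Apr/2026:05:29:01 +0000] "GET /files/report.csv HTTP/1.1" 200 812 "-" "Mozilla/5.0"
10.0.0.9 - bob [16/Apr/2026:05:29:07 +0000] "GET /files/../../etc/passwd HTTP/1.1" 200 2047 "-" "curl/8.5.0"
10.0.0.9 - bob [16/Apr/2026:05:29:09 +0000] "GET /files/%2e%2e%2f%2e%2e%2fetc%2fshadow HTTP/1.1" 403 0 "-" "curl/8.5.0"
10.0.0.9 - bob [16/Apr/2026:05:29:12 +0000] "GET /files/%252e%252e%252fconfig.php HTTP/1.1" 200 1536 "-" "curl/8.5.0"
10.0.0.5 - alice [16/Apr/2026:05:30:00 +0000] "GET /files/2026..csv HTTP/1.1" 200 51 "-" "Mozilla/5.0"
"""

# Combined log format: client, ident, user, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# A '..' that forms its own path segment: preceded by start-of-string, a slash,
# a backslash, '=' or '&' (so query-string values are covered) and followed by a
# slash, a backslash or end-of-string. '2026..csv' does not match.
DOTDOT_SEGMENT = re.compile(r"(?<![^\\/=&])\.\.(?=[\\/]|$)")


def decode_fully(s, max_rounds=3):
    """Percent-decode until the string stops changing, so '%252e' (which decodes
    to '%2e' and then to '.') is caught. Bounded to avoid pathological input."""
    for _ in range(max_rounds):
        decoded = unquote(s)
        if decoded == s:
            break
        s = decoded
    return s


def is_traversal(target):
    """True if the request target contains a traversal segment after decoding.
    The query string is included because the vulnerable parameter may live there."""
    return bool(DOTDOT_SEGMENT.search(decode_fully(target)))


def scan_log(text):
    """Return (ip, user, status, decoded_target) for each suspicious request."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        if is_traversal(m["target"]):
            hits.append((m["ip"], m["user"], m["status"], decode_fully(m["target"])))
    return hits


if __name__ == "__main__":
    for ip, user, status, target in scan_log(SAMPLE_LOG):
        print(f"{ip} {user} {status} {target}")
```

Note that the third sample line was answered with a 403 and the others with 200: a traversal attempt that the server accepted is a confirmed-read candidate, so the status code is worth keeping in the alert. A hit on a 200 response from an authenticated account is the signal to pull that account's session history and check what else it read.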


EUVD-2025-208948 vulnerability details – vuln.today
