EUVD-2025-208948

CVE-2025-60946 | HIGH | 8.7 (CVSS 4.0)
2026-03-23 | cisa-cg | GHSA-q4rc-c232-4f3v

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: None
Scope: X

Lifecycle Timeline

PoC Detected: Mar 26, 2026 - 13:27 (vuln.today), public exploit code
Analysis Generated: Mar 23, 2026 - 21:30 (vuln.today)
EUVD ID Assigned: Mar 23, 2026 - 21:30 (euvd), EUVD-2025-208948
CVE Published: Mar 23, 2026 - 20:59 (nvd), HIGH 8.7

Description

Census CSWeb 8.0.1 allows arbitrary file path input. A remote, authenticated attacker could access unintended file directories. Fixed in 8.1.0 alpha.

Analysis

Census CSWeb 8.0.1 contains a path traversal vulnerability (CWE-22) allowing authenticated remote attackers to access arbitrary files outside intended directories through unvalidated file path input. A public proof-of-concept exploit is available on GitHub (hx381/cspro-exploits), significantly increasing exploitation risk. With a CVSS score of 8.8 and low attack complexity requiring only low-level privileges, this poses a critical threat to organizations running the affected version.

Technical Context

Census CSWeb is a web-based data management platform for statistical surveys and census operations, as identified by CPE cpe:2.3:a:census:csweb:*:*:*:*:*:*:*:*. The vulnerability stems from CWE-22 (Improper Limitation of a Pathname to a Restricted Directory), commonly known as path traversal or directory traversal. The application fails to properly sanitize user-supplied file path inputs, allowing attackers to use special character sequences like '../' to navigate outside the intended directory structure and access sensitive files on the underlying operating system. This class of vulnerability typically affects file handling functions that construct file paths using untrusted input without adequate validation or canonicalization.
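The following example is added to illustrate the CWE-22 pattern described above; it is written for this page and is not CSWeb's source code, nor a reproduction of the actual defect. It places the unchecked join (the vulnerable shape) next to a resolver that canonicalises the path first and then checks that the result is still inside the permitted base directory. The document root, file names and request strings are all constructed in a temporary directory; nothing here comes from the public proof of concept.

```python
"""
Added example for this page; not CSWeb's code and not a reproduction of
the actual defect. It contrasts the CWE-22 pattern the advisory describes
(an untrusted path segment joined onto a base directory without validation
or canonicalisation) with a resolver that canonicalises first and then
checks containment. The document root, file names and request strings are
all constructed in a temporary directory.
"""
from __future__ import annotations

import shutil
import tempfile
from pathlib import Path


class PathOutsideBase(ValueError):
    """Raised when a requested path would escape the permitted directory."""


def vulnerable_resolve(base: Path, user_path: str) -> Path:
    # The CWE-22 shape: join and go. '..' segments, absolute paths and
    # symlinks are all passed straight through to the filesystem.
    return base / user_path


def safe_resolve(base: Path, user_path: str) -> Path:
    """Canonical on-disk path for user_path under base, or PathOutsideBase."""
    if "\x00" in user_path:
        raise PathOutsideBase("NUL byte in path")
    base_real = base.resolve(strict=True)
    # resolve() collapses '.', '..' and symlinks (existing components are
    # followed on disk, missing trailing ones are normalised lexically), so
    # the containment check below runs on what would really be opened.
    candidate = (base_real / user_path).resolve(strict=False)
    try:
        candidate.relative_to(base_real)
    except ValueError:
        raise PathOutsideBase(f"{user_path!r} resolves outside {base_real}") from None
    return candidate


def demo() -> dict[str, object]:
    """Build a throwaway document root and try constructed requests against it."""
    root = Path(tempfile.mkdtemp(prefix="traversal-demo-"))
    try:
        docs = root / "docs"
        docs.mkdir()
        (docs / "report.csv").write_text("id,value\n1,42\n")
        (root / "secret.txt").write_text("outside the document root\n")
        try:
            # A link inside docs pointing outside it: a substring check for
            # '..' would pass this request, canonicalisation rejects it.
            (docs / "link").symlink_to(root / "secret.txt")
            symlink_ok = True
        except OSError:
            symlink_ok = False

        requests = {
            "plain": "report.csv",
            "dotdot": "../secret.txt",
            "dotdot_via_missing_dir": "sub/../../secret.txt",
            "absolute": str(root / "secret.txt"),
            "symlink_out": "link",
        }
        outcome: dict[str, object] = {}
        for label, req in requests.items():
            if label == "symlink_out" and not symlink_ok:
                outcome[label] = "symlink unsupported"
                continue
            try:
                outcome[label] = "allowed:" + safe_resolve(docs, req).name
            except PathOutsideBase:
                outcome[label] = "rejected"
        # The unchecked join happily reads the file outside the root.
        outcome["vulnerable_reads_outside"] = (
            vulnerable_resolve(docs, "../secret.txt").read_text().startswith("outside")
        )
        return outcome
    finally:
        shutil.rmtree(root, ignore_errors=True)


if __name__ == "__main__":
    for label, result in demo().items():
        print(f"{label:26} {result}")
```

The containment test is deliberately done on the canonical path rather than on the request string: rejecting the literal sequence '../' misses absolute paths, encoded variants that a framework decodes before the handler sees them, and symlinks that already live inside the base directory, whereas `relative_to` on the resolved path catches all of them.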

Affected Products

Census CSWeb version 8.0.1 and potentially earlier versions are confirmed vulnerable, as identified through CPE cpe:2.3:a:census:csweb:*:*:*:*:*:*:*:*. The fix was implemented in version 8.1.0 alpha according to the commit referenced at github.com/csprousers/csweb/commit/eba0b59a243390a1a4f9524cce6dbc0314bf0d91. Organizations running any CSWeb version prior to 8.1.0 alpha should assume they are vulnerable to arbitrary file path traversal attacks. CISA has documented this vulnerability in their CSAF advisory available at raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-079-01.json, indicating federal concern about the issue.

Remediation

Immediately upgrade Census CSWeb to version 8.1.0 alpha or later, which contains the security fix as documented in the GitHub commit at github.com/csprousers/csweb/commit/eba0b59a243390a1a4f9524cce6dbc0314bf0d91. Organizations unable to patch immediately should implement compensating controls: restrict network access to the CSWeb application to trusted IP ranges only, enforce strong authentication, enable comprehensive file access logging to detect exploitation attempts, and apply the principle of least privilege to the web application's file system permissions so that the set of readable files is as small as possible. Review authentication logs and file access patterns for suspicious activity indicating attempted or successful path traversal, in particular unusual file access requests or attempts to read sensitive system files.
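For the file access logging control recommended above, the following is an added example written for this page (not part of the advisory, CISA's CSAF document, or CSWeb): a small review script that parses web-server access-log lines in the common combined format, decodes each request target (repeating the decode so that double-encoded sequences are also seen), and flags requests whose path or query string contains a parent-directory segment. The log lines, client addresses, user names and URL paths are constructed for the example and do not reflect CSWeb's real endpoints.

```python
"""
Added example, not part of the advisory or of CSWeb: a log-review helper
for the "file access logging" compensating control. It parses access-log
lines in combined format, decodes the request target (repeating the decode
to catch double encoding), and flags parent-directory segments in the path
or query. All log lines, hosts, users and URL paths below are constructed.
"""
from __future__ import annotations

import re
from urllib.parse import unquote

# Combined log format: ip ident user [ts] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# A '..' segment: preceded by start of string or a path/query separator and
# followed by a separator or end. 'report..csv' is therefore not matched.
TRAVERSAL_RE = re.compile(r'(?:^|[/=?&])\.\.(?:[/?&#]|$)')

# Constructed sample (hypothetical application paths, not CSWeb's real routes).
SAMPLE_LOG = """\
203.0.113.10 - alice [26/Mar/2026:13:27:01 +0000] "GET /app/files/report.csv HTTP/1.1" 200 1842
203.0.113.10 - alice [26/Mar/2026:13:27:05 +0000] "GET /app/files/../../config/database.ini HTTP/1.1" 200 512
198.51.100.7 - bob [26/Mar/2026:13:28:10 +0000] "GET /app/files?name=..%2F..%2Fsecret.txt HTTP/1.1" 200 77
198.51.100.7 - bob [26/Mar/2026:13:28:12 +0000] "GET /app/files?name=%252e%252e%252fsecret.txt HTTP/1.1" 404 0
192.0.2.44 - carol [26/Mar/2026:13:30:00 +0000] "POST /app/login HTTP/1.1" 200 41
"""


def fully_decode(target: str, max_rounds: int = 3) -> str:
    """Percent-decode until stable, bounded so a hostile input cannot loop."""
    for _ in range(max_rounds):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target


def looks_like_traversal(target: str) -> bool:
    # Normalise backslashes too, since some servers accept them as separators.
    decoded = fully_decode(target).replace("\\", "/")
    return TRAVERSAL_RE.search(decoded) is not None


def review_access_log(text: str) -> list[dict[str, object]]:
    """Return one finding per request whose target contains a '..' segment."""
    findings: list[dict[str, object]] = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # unexpected format: skip rather than guess
        target = m.group("target")
        if not looks_like_traversal(target):
            continue
        status = int(m.group("status"))
        findings.append({
            "ip": m.group("ip"),
            "user": m.group("user"),
            "status": status,
            "target": target,
            "decoded": fully_decode(target),
            # A 2xx answer to a traversal request means the server returned
            # something for it; those entries are the ones to escalate first.
            "likely_success": 200 <= status < 300,
        })
    return findings


if __name__ == "__main__":
    for f in review_access_log(SAMPLE_LOG):
        flag = "SERVED" if f["likely_success"] else "refused"
        print(f"{f['ip']:14} {f['user']:6} {f['status']} {flag:8} {f['decoded']}")
```

The script keeps the authenticated user name from the log because the vulnerability requires low privileges: correlating flagged requests with the account that made them is what turns a log hit into an incident-response lead, and a 2xx status on such a request is the signal that a file was actually returned.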

Priority Score

64 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.1
CVSS: +44
POC: +20
