Lucene search
K

4 matches found

NVD
NVD
added 2025/07/10 8:15 p.m.14 views

CVE-2025-53632

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario i.e. a zip archive, the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication nor authorization, so anyone can...

9.1CVSS0.00718EPSS
Exploits1References3
CVE
CVE
added 2025/07/10 7:36 p.m.31 views

CVE-2025-53632

CVE-2025-53632 affects Chall-Manager and describes a path traversal (zip slip) vulnerability during the decoding/extraction of a scenario archive. The root cause is that the target path for extracted files is not checked, enabling arbitrary file writes and potential impact on integrity and availa...

9.1CVSS6.7AI score0.00718EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2025/07/10 7:36 p.m.3 views

CVE-2025-53632 Chall-Manager's scenario decoding process does not check for zip slips

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario i.e. a zip archive, the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication nor authorization, so anyone can...

8.8CVSS7.3AI score0.00718EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/07/10 7:36 p.m.46 views

CVE-2025-53632 Chall-Manager's scenario decoding process does not check for zip slips

Chall-Manager is a platform-agnostic system able to start Challenges on Demand of a player. When decoding a scenario i.e. a zip archive, the path of the file to write is not checked, potentially leading to zip slips. Exploitation does not require authentication nor authorization, so anyone can...

8.8CVSS0.00718EPSS
Exploits1References3
Rows per page
Query Builder