CVE-2019-25333

HIGH WAF: High

CVSS 7.5 Published: 2026-02-12

CWE-22

Bullwark Momentum Series JAWS 1.0 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP request paths. Attackers can exploit the vulnerability by sending crafted GET requests with multiple '../' sequences to read sensitive files like /etc/passwd outside the web root directory.

WAF Coverage Analysis

Path Traversal High WAF Coverage

OWASP: A01:2021 Broken Access Control

930xxx - Local File Inclusion

References

web.archive.org
www.exploit-db.com
www.vulncheck.com

Back to CVE Database