CVE-2019-25355
HIGH WAF: High
CVSS 7.5
Published: 2026-02-18
CWE-22
gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal sequences.
WAF Coverage Analysis
Path Traversal
High WAF Coverage
OWASP: A01:2021 Broken Access Control
930xxx - Local File Inclusion
Affected Software
| Vendor | Product | Version |
|---|---|---|
| genivia | gsoap | 2.8.0 |
References
- www.exploit-db.com (Exploit, VDB Entry)
- www.genivia.com (Product)
- www.genivia.com (Product)
- www.vulncheck.com (Third Party Advisory)