CVE-2025-8048
External Control of File path vulnerability has been discovered on Openext Flipper.
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. The vulnerability could allow a user to submit a stored local file
path and then download the specified file from the system by requesting the
stored document ID.
This issue affects Flipper: 3.1.2.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/S:P/AU:Y/R:U/V:D/RE:M/U:Green
Affected products
opentext · FlipperWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →