CWE-43

Path Equivalence: 'filename....' (Multiple Trailing Dot)

The product accepts path input in the form of multiple trailing dots ('filedir....') without appropriate validation, which can lead to ambiguous path resolution and allow an attacker to traverse the file system to unintended locations or access arbitrary files.

CVE-2025-10353 (GCVE-0-2025-10353)

Vulnerability from cvelistv5 – Published: 2025-10-08 10:47 – Updated: 2025-10-08 13:36
Summary
File upload leading to remote code execution (RCE) in the “melis-cms-slider” module of Melis Technology's Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to '/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm' using the 'mcsdetail_img' parameter.
CWE
  • CWE-43 - Path Equivalence: 'filename....'
Assigner
Impacted products
Vendor Product Version
Melis Technology Melis Platform Affected: 0, < 5.3.1 (custom)
Credits
Jesús Manzano Vázquez, Juan Manuel Martínez Hernández, Manuel Iván San Martín Castillo, Ángel Montilla Muñoz

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10353",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-08T13:35:50.082311Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-08T13:36:16.199Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "melis-cms-slider module"
          ],
          "product": "Melis Platform",
          "vendor": "Melis Technology",
          "versions": [
            {
              "lessThan": "5.3.1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Jes\u00fas Manzano V\u00e1zquez"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Juan Manuel Mart\u00ednez Hern\u00e1ndez"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "Manuel Iv\u00e1n San Mart\u00edn Castillo"
        },
        {
          "lang": "en",
          "type": "finder",
          "value": "\u00c1ngel Montilla Mu\u00f1oz"
        }
      ],
      "datePublic": "2025-10-08T09:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eFile upload leading to remote code execution (RCE) in the \u201cmelis-cms-slider\u201d module of Melis Technology\u0027s Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to \u0027\u003c/span\u003e\u003cem\u003e/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm\u003c/em\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0027 using the \u0027\u003c/span\u003e\u003cem\u003emcsdetail_img\u003c/em\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0027 parameter.\u003c/span\u003e"
            }
          ],
          "value": "File upload leading to remote code execution (RCE) in the \u201cmelis-cms-slider\u201d module of Melis Technology\u0027s Melis Platform. This vulnerability allows an attacker to upload a malicious file via a POST request to \u0027/melis/MelisCmsSlider/MelisCmsSliderDetails/saveDetailsForm\u0027 using the \u0027mcsdetail_img\u0027 parameter."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-43",
              "description": "CWE-43: Path Equivalence: \u0027filename....\u0027",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-08T10:47:55.067Z",
        "orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
        "shortName": "INCIBE"
      },
      "references": [
        {
          "url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-melis-platform"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "The vulnerability has been fixed by the Melis Technology team in the melis-cms v5.3.4, melis-core v5.3.11, and melis-cms-slider v5.3.1 modules."
            }
          ],
          "value": "The vulnerability has been fixed by the Melis Technology team in the melis-cms v5.3.4, melis-core v5.3.11, and melis-cms-slider v5.3.1 modules."
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Missing Authorization vulnerability in Melis Platform",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
    "assignerShortName": "INCIBE",
    "cveId": "CVE-2025-10353",
    "datePublished": "2025-10-08T10:47:55.067Z",
    "dateReserved": "2025-09-12T10:35:04.979Z",
    "dateUpdated": "2025-10-08T13:36:16.199Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}


No mitigation information available for this CWE.

No CAPEC attack patterns related to this CWE.
