PT-2025-25625 · Unknown · Frdel Agent-Zero
Arashimuo
·
Published
2025-06-17
·
Updated
2026-01-08
·
CVE-2025-6166
CVSS v4.0
5.1
Medium
| Vector | AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X |
Name of the Vulnerable Software and Affected Versions
frdel Agent-Zero versions up to 0.8.4
Description
A path traversal issue affects the
image get function in the /python/api/image get.py file, caused by the manipulation of the path argument.Recommendations
For frdel Agent-Zero versions up to 0.8.4, upgrade to version 0.8.4.1 to address this issue. As a temporary workaround, consider restricting access to the
image get function until the upgrade is applied.Fix
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Frdel Agent-Zero