CVE-2025-8729

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Name of the Vulnerable Software and Affected Versions MigoXLab LMeterX version 1.2.0

Description A vulnerability exists in MigoXLab LMeterX 1.2.0 related to path traversal. The process cert files function within the backend/service/upload service.py file is affected. Manipulation of the task id argument can lead to a path traversal attack, which can be launched remotely. The exploit has been publicly disclosed.

Recommendations Apply the patch with identifier f1b00597e293d09452aabd4fa57f3185207350e8 to resolve this issue.

Exploit

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2025-8729

Affected Products

Lmeterx

CVE-2025-8729

Weakness Enumeration

Related Identifiers

Affected Products

References · 12