PT-2025-34973 · Ss1+1 · Ss1+1

Denis Faiustov

Published

2025-08-28

Updated

2025-08-28

CVE-2025-52460

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions: SS1 versions 16.0.0.10 and earlier SS1 Media versions 16.0.0a and earlier

Description: An issue exists where files or directories are accessible to external parties. Exploitation may allow a remote, unauthenticated attacker to access uploaded files and SS1 configuration files.

Recommendations: Update SS1 to a version later than 16.0.0.10. Update SS1 Media to a version later than 16.0.0a.

Fix

Files Accessible to External Parties

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-552

Related Identifiers

CVE-2025-52460

Affected Products

Ss1

Ss1 Media

PT-2025-34973 · Ss1+1 · Ss1+1

CVE-2025-52460

Weakness Enumeration

Related Identifiers

Affected Products

References · 5