PT-2025-7067 · Unknown · Zoo-Project

Xbow-Security · Published 2025-02-18 · Updated 2025-02-18 · CVE-2025-25284

CVSS v4.0: 8.7 (High)
Vector: AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Name of the Vulnerable Software and Affected Versions: ZOO-Project (affected versions not specified)
Description: A path traversal vulnerability in the ZOO-Project's WPS implementation allows unauthorized access to files outside the intended directory. Specifically, the Gdal Translate service, when processing VRT files, does not properly validate file paths referenced in the VRTRasterBand element, allowing attackers to read arbitrary files on the system. The service does not sanitize the SourceFilename parameter in VRT files, so relative path traversal sequences (../) are accepted. The referenced file is then read as raw binary data and converted to TIFF format, effectively exposing its contents. An unauthenticated attacker can therefore read arbitrary files from the system through path traversal, potentially accessing sensitive information such as configuration files, credentials, or other confidential data stored on the server.
Recommendations: To resolve the issue, all users are advised to upgrade to a version that includes the fix, as committed in 5f155a8. As a temporary workaround, consider restricting access to the Gdal Translate service until the update is applied. Additionally, avoid using the SourceFilename parameter in VRT files until the issue is resolved. There are no known workarounds for this vulnerability.
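As an added example (not ZOO-Project's code and not the fix in 5f155a8), the kind of check a WPS service could apply to a submitted VRT before handing it to gdal_translate: it walks every VRTRasterBand/SourceFilename, resolves the name against the directory the VRT is confined to (the path /srv/zoo/data is an assumption of this example, as is the VRT itself living there, so relativeToVRT names resolve against it) and reports any source that escapes that directory. The element names follow the standard GDAL VRT schema; the sample document is constructed.

```python
import os
import xml.etree.ElementTree as ET
from typing import List

# Constructed sample: band 1 references a file inside the data directory,
# band 2 uses the ../ sequences the advisory describes to escape it.
SAMPLE_VRT = """<VRTDataset rasterXSize="2" rasterYSize="2">
  <VRTRasterBand dataType="Byte" band="1">
    <SimpleSource>
      <SourceFilename relativeToVRT="1">tiles/scene.tif</SourceFilename>
    </SimpleSource>
  </VRTRasterBand>
  <VRTRasterBand dataType="Byte" band="2">
    <SimpleSource>
      <SourceFilename relativeToVRT="1">../../../../etc/passwd</SourceFilename>
    </SimpleSource>
  </VRTRasterBand>
</VRTDataset>"""


def is_within(base_dir: str, candidate: str) -> bool:
    """True if candidate, after resolving '..' and symlinks, lies under base_dir."""
    base = os.path.realpath(base_dir)
    path = os.path.realpath(candidate)
    return path == base or path.startswith(base + os.sep)


def unsafe_sources(vrt_xml: str, base_dir: str) -> List[str]:
    """Return every SourceFilename in the VRT that does not stay inside base_dir.

    Relative names are resolved against base_dir (the directory the VRT is
    confined to); absolute names are taken as-is; GDAL virtual file systems
    (/vsicurl/, /vsizip/, ...) bypass the directory model and are rejected.
    An empty list means the VRT only references files the service may read.
    """
    bad = []
    for band in ET.fromstring(vrt_xml).iter("VRTRasterBand"):
        for src in band.iter("SourceFilename"):
            name = (src.text or "").strip()
            if not name or name.startswith("/vsi"):
                bad.append(name)
                continue
            path = name if os.path.isabs(name) else os.path.join(base_dir, name)
            if not is_within(base_dir, path):
                bad.append(name)
    return bad


def vrt_is_safe(vrt_xml: str, base_dir: str) -> bool:
    """Policy gate a service would apply before invoking gdal_translate on the VRT."""
    return not unsafe_sources(vrt_xml, base_dir)
```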

Weakness Enumeration: Path traversal

Related Identifiers: CVE-2025-25284, GHSA-8C27-WMVV-3P38

Affected Products: Zoo-Project