CVE-2025-14728
Published: 2025-12-29
Priority: P3 41
CVSS 3.1: 6.8 (medium), vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N
EPSS: 0.47% (37.3th percentile)
Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers that allows a rogue client to upload a file which is written outside the datastore directory. Velociraptor is normally only allowed to write in the datastore directory. The issue occurs due to insufficient sanitization of directory names which end with a ".", only encoding the final "." as "%2E".
Although files can be written to incorrect locations, the containing directory must end with "%2E". This limits the impact of this vulnerability, and prevents it from overwriting critical files.
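As an added illustration of the defensive pattern this bug calls for (this is example code, not Velociraptor's own, and the datastore root, the percent-encoding scheme and the path layout are all assumptions): every component that ends in "." is encoded in full rather than only its final character, and the assembled path is then checked for containment under the datastore root regardless of how the encoding step behaved.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

var ErrOutsideDatastore = errors.New("upload path escapes datastore root")

// EncodeComponent percent-encodes one path component so the OS can never read
// it as "." or "..": every "." in a component that ends with a dot is rewritten,
// not only the final one. (Hypothetical scheme, not Velociraptor's own.)
func EncodeComponent(c string) string {
	if strings.HasSuffix(c, ".") {
		return strings.ReplaceAll(c, ".", "%2E")
	}
	return c
}

// WithinRoot reports whether target, after cleaning, is root or a descendant of it.
func WithinRoot(root, target string) bool {
	rel, err := filepath.Rel(root, target)
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// DatastorePath builds the on-disk path for a client-supplied upload name (root is a constructed value).
func DatastorePath(root, clientPath string) (string, error) {
	parts := []string{root}
	for _, p := range strings.Split(filepath.ToSlash(clientPath), "/") {
		if p != "" {
			parts = append(parts, EncodeComponent(p))
		}
	}
	target := filepath.Join(parts...)
	if !WithinRoot(root, target) { // defence in depth, independent of the encoder
		return "", ErrOutsideDatastore
	}
	return target, nil
}

func main() {
	for _, p := range []string{"clients/C.1/uploads/report.txt", "../../etc/foo.", "a/.."} {
		got, err := DatastorePath("/var/lib/velociraptor", p)
		fmt.Printf("%-34q -> %q err=%v\n", p, got, err)
	}
}
```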
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rapid7 | velociraptor | < 0.75.6 | 0.75.6 |
No detection rules found.
No public exploits indexed.