CVE-2025-34126
published 2025-07-16


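Priority: P2 58
Severity: high, 8.7 (CVSS 4.0)
Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EXPLOIT
EPSS: 1.46% (70.3th percentile)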
A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This can lead to disclosure of sensitive information.

Affected

1 ranges

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rips_technologies | rips_scanner | | |

Detection & IOCs (extracted from sources)

path: /windows/code.php
  • Monitor HTTP GET requests to 'windows/code.php' with a manipulated 'file' parameter containing path traversal sequences (e.g., '../') targeting RIPS Scanner v0.54 installations.
  • A Metasploit auxiliary module exists for this vulnerability (modules/auxiliary/scanner/http/rips_traversal.rb); presence of this module's traffic patterns or User-Agent strings may indicate active exploitation attempts.
  • The vulnerability is specific to RIPS Scanner version 0.54; other versions may not be affected.
  • File disclosure is limited to files readable by the web server process; privilege escalation is not directly implied.
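
One way to implement the monitoring described in the first bullet, as an added example that is not part of the original page: a Python filter over web-server access-log lines. The combined log format, the repeated percent-decoding, the function names and the sample lines (constructed, with documentation IP addresses and placeholder file names) are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Request line inside a combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
TARGET_SCRIPT = "/windows/code.php"  # path named in the advisory
# A ".." path segment delimited by "/" or "\" or by the start/end of the value.
TRAVERSAL_RE = re.compile(r"(^|[\\/])\.\.([\\/]|$)")

def fully_decode(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded '../' is normalised."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def is_suspicious(log_line):
    """True for a GET to windows/code.php whose 'file' value holds a '..' segment."""
    m = REQUEST_RE.search(log_line)
    if not m or m.group("method") != "GET":
        return False
    url = urlsplit(m.group("target"))
    if not fully_decode(url.path).lower().endswith(TARGET_SCRIPT):
        return False
    # parse_qs decodes one layer; fully_decode removes any further layers.
    values = parse_qs(url.query, keep_blank_values=True).get("file", [])
    return any(TRAVERSAL_RE.search(fully_decode(v)) for v in values)

def scan(lines):
    """Return the log lines that match the advisory's request pattern."""
    return [line for line in lines if is_suspicious(line)]

# Constructed sample log lines (not taken from any real system).
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Jul/2025:10:00:01 +0000] "GET /rips/windows/code.php?file=../../secret.txt HTTP/1.1" 200 512',
    '192.0.2.11 - - [16/Jul/2025:10:00:02 +0000] "GET /rips/windows/code.php?file=notes..txt HTTP/1.1" 200 128',
    '198.51.100.7 - - [16/Jul/2025:10:00:03 +0000] "GET /rips/windows/code.php?file=%252e%252e%252fsecret.txt HTTP/1.1" 200 512',
    '198.51.100.7 - - [16/Jul/2025:10:00:04 +0000] "GET /rips/windows/code.php?file=..%5C..%5Csecret.txt HTTP/1.1" 200 512',
    '192.0.2.12 - - [16/Jul/2025:10:00:05 +0000] "GET /app/view.php?file=../x HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print("ALERT:", hit)
```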