CVE-2025-4078
published 2025-04-29CVE-2025-4078: A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600 2400. This issue affects some unknown processing of the file…
PriorityP273medium4.3CVSS 3.1
AVNACLPRLUINSUCLINAN
ITWEXPLOITVulnCheck KEV
Exploited in the wild
EPSS
0.97%
57.3th percentile
A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600 2400. This issue affects some unknown processing of the file ?g=log_export_file. The manipulation of the argument file_name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| wangshen | secgate_3600 | — | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Look for HTTP GET requests targeting '/?g=log_export_file' with a 'file_name' parameter containing path traversal sequences (e.g., '../') in web server access logs. ↗
- →A successful exploitation response will return HTTP 200 with Content-Type 'text/plain' and a body matching the pattern 'root:.*:0:0:' (i.e., /etc/passwd content). ↗
- →Use FOFA fingerprint fid='1Lh1LHi6yfkhiO83I59AYg==' to identify exposed Wangshen SecGate 3600 devices on the internet. ↗
- ·The vulnerability affects Wangshen SecGate 3600 version 2400 specifically; other versions may or may not be affected. ↗
- ·The exploit is publicly disclosed and can be initiated remotely without authentication requirements mentioned, increasing exposure risk for internet-facing devices. ↗
CVSS provenance
nvdv3.14.3MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
nvdv4.05.3MEDIUMCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:P/I:N/A:N
vulncheck5.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-p8jc-2h55-7w89: A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600 2400
ghsa_unreviewed·2025-04-29
CVE-2025-4078 [MEDIUM] CWE-22 GHSA-p8jc-2h55-7w89: A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600 2400
A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600 2400. This issue affects some unknown processing of the file ?g=log_export_file. The manipulation of the argument file_name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
VulnCheck
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
vulncheck·2025·CVSS 5.3
CVE-2025-4078 [MEDIUM] Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600 2400. This issue affects some unknown processing of the file ?g=log_export_file. The manipulation of the argument file_name leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://api.vulncheck.com/v3/index/vulncheck-canaries?cve=CVE-2025-4078&date=2026-04-30
No detection rules found.
Nuclei
Wangshen SecGate 3600 Path Traversal Vulnerability
nuclei·CVSS 5.3
CVE-2025-4078 [MEDIUM] Wangshen SecGate 3600 Path Traversal Vulnerability
Wangshen SecGate 3600 Path Traversal Vulnerability
Wangshen SecGate 3600 2400 contains a path traversal caused by manipulation of the 'file_name' argument in '?g=log_export_file', letting remote attackers access arbitrary files, exploit requires remote access.
Template:
id: CVE-2025-4078
info:
name: Wangshen SecGate 3600 Path Traversal Vulnerability
author: Ark
severity: medium
description: |
Wangshen SecGate 3600 2400 contains a path traversal caused by manipulation of the 'file_name' argument in '?g=log_export_file', letting remote attackers access arbitrary files, exploit requires remote access.
impact: |
Remote attackers can access sensitive files on the system, potentially leading to information disclosure or system compromise.
remediation: |
Implement input validation and sanitiz
No writeups or analysis indexed.
2025-04-29
Published
Exploited in the wild