CVE-2025-47952Path Traversal in Traefik

CWE-22Path Traversal5 documents4 sources
Severity
2.9LOWNVD
GHSA8.8OSV8.8
EPSS
0.4%
top 39.32%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
TraefikGithub.com Traefik Traefik V2Github.com Traefik Traefik V3+1 more
Timeline
PublishedMay 30

Description

Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Prior to versions 2.11.25 and 3.4.1, there is a potential vulnerability in Traefik managing the requests using a PathPrefix, Path or PathRegex matcher. When Traefik is configured to route the requests to a backend using a matcher based on the path, if the URL contains a URL encoded string in its path, it’s possible to target a backend, exposed using another router, by-passing the middlewares chain. This issue has been patch

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

Affected Packages5 packages

CVEListV5traefik/traefik< 3.4.1+1
NVDtraefik/traefik3.0.03.4.1+1

Patches

Patch: github.comPatch: github.com

🔴Vulnerability Details

4
CVEList
Traefik allows path traversal using url encoding2025-05-30
OSV
Traefik allows path traversal using url encoding in github.com/traefik/traefik2025-05-29
OSV
Traefik allows path traversal using url encoding2025-05-28
GHSA
Traefik allows path traversal using url encoding2025-05-28
CVE-2025-47952 — Path Traversal in Traefik | cvebase