High severityNVD Advisory· Published Jul 16, 2025· Updated Apr 15, 2026

CVE-2025-34126

Description

A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows remote attackers to read arbitrary files on the system with the privileges of the web server by sending crafted HTTP GET requests to the 'windows/code.php' script with a manipulated 'file' parameter. This can lead to disclosure of sensitive information.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

codesec.blogspot.com/2015/03/rips-scanner-v-054-local-file-include.htmlnvd
raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/auxiliary/scanner/http/rips_traversal.rbnvd
rips-scanner.sourceforge.netnvd
www.exploit-db.com/exploits/18660nvd
www.vulncheck.com/advisories/rips-scanner-path-traversalnvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.067
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000