VYPR
← All advisories
High severityNVD Advisory· Published May 28, 2026· Updated May 28, 2026

CVE-2025-48977

CVE-2025-48977

Description

Relative Path Traversal vulnerability in Apache Ignite REST API.

Authenticated REST API users can read any file on the server with "cmd=log" command and a log path crafted in a certain way. This issue affects Apache Ignite: from 2.0.0 through 2.17.0.

Users are recommended to upgrade to version 2.18.0, which fixes the issue.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Relative path traversal in Apache Ignite REST API allows authenticated users to read arbitrary files via crafted log path.

Vulnerability

Apache Ignite REST API contains a relative path traversal vulnerability in versions 2.0.0 through 2.17.0. The cmd=log endpoint validates paths by checking if the log path starts with the Ignite home directory, but this check can be bypassed using path traversal sequences like ../ [1]. This allows reading files outside the intended directory.

Exploitation

An authenticated attacker can craft a REST API request to the cmd=log endpoint with a specially crafted log path containing ../ sequences to navigate out of the Ignite home directory [1]. No additional privileges beyond REST API authentication are required.

Impact

Successful exploitation allows the attacker to read arbitrary files on the server, potentially including sensitive configuration files, credentials, or source code [1]. The advisory also mentions possible file creation/overwrite, but the official description states arbitrary file read.

Mitigation

Upgrade to Apache Ignite version 2.18.0, which fixes the vulnerability [1]. Users of versions 2.0.0 through 2.17.0 should apply the upgrade. There is no workaround available other than upgrading.

References
  1. security - CVE-2025-48977: Apache Ignite: Rest Http default Arbitrary file read vulnerability

AI Insight generated on May 28, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

1

Patches

0

No patches discovered yet.

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

2

News mentions

0

No linked articles in our index yet.