Medium severity6.5OSV Advisory· Published Aug 19, 2025· Updated Jun 17, 2026
CVE-2025-55295
CVE-2025-55295
Description
qBit Manage is a tool that helps manage tedious tasks in qBittorrent and automate them. A path traversal vulnerability exists in qbit_manage's web API that allows authenticated users to read arbitrary files from the server filesystem through the restore_config_from_backup endpoint. The vulnerability allows attackers to bypass directory restrictions and read arbitrary files from the server filesystem by manipulating the backup_id parameter with path traversal sequences (e.g., ../). This vulnerability is fixed in 4.5.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3v4.5.0, v4.5.1, v4.5.2, …+ 1 more
- (no CPE)range: v4.5.0, v4.5.1, v4.5.2, …
- (no CPE)range: <4.5.4
- Range: <4.5.4
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.