VYPR
High severity · 7.2 · NVD Advisory · Published Mar 20, 2026 · Updated Apr 14, 2026

CVE-2025-55988

Description

An issue in the component /Controllers/RestController.php of DreamFactory Core v1.0.3 allows attackers to execute a directory traversal via an unsanitized URI path.

Affected packages

Versions sourced from the GitHub Security Advisory.

| Package | Affected versions | Patched versions |
| --- | --- | --- |
| dreamfactory/df-core (Packagist) | < 1.0.4 | 1.0.4 |

Patches

54354605b2ec

Remove double dots from the resource in order to prevent directory traversal

1 file changed · +1 −0
  • src/Http/Controllers/RestController.php · +1 −0 · modified
    @@ -148,6 +148,7 @@ protected function handleServiceRequest(ServiceRequest $request, $service, $reso
     
                 // fix removal of trailing slashes from resource
                 if (!empty($resource)) {
    +                $resource = str_replace(['..'], '', $resource);
                     $uri = \Request::getRequestUri();
                     if ((false === strpos($uri, '?') && '/' === substr($uri, strlen($uri) - 1, 1)) ||
                         ('/' === substr($uri, strpos($uri, '?') - 1, 1))
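
Review bot: the added `str_replace(['..'], '', $resource)` line silently rewrites the resource instead of rejecting it, so a request containing `..` is still served, only against a different path than the one the client sent, and any legitimate resource name with two consecutive dots is mangled too (`a..b` becomes `ab`). I would split `$resource` on `/` and fail the request when any segment equals `..`, rather than deleting characters. It is also not visible from this hunk whether `$resource` is already URL-decoded when it reaches `handleServiceRequest`; if decoding can happen after this point, an encoded form would pass the new line unchanged, so that should be confirmed and pinned down with a test, which this change (1 file, +1) does not include. Minor: the new line sits under the comment about trailing slashes; it deserves its own comment stating that it is the traversal guard.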
    
