CVE-2025-6108
Description
A vulnerability was found in hansonwang99 Spring-Boot-In-Action up to 807fd37643aa774b94fd004cc3adbd29ca17e9aa. It has been declared as critical. Affected by this vulnerability is the function watermarkTest of the file /springbt_watermark/src/main/java/cn/codesheep/springbt_watermark/service/ImageUploadService.java of the component File Upload. The manipulation of the argument filename leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Path traversal vulnerability in Spring-Boot-In-Action's file upload endpoint allows remote attackers to write files to arbitrary locations.
Vulnerability
Overview
CVE-2025-6108 is a path traversal vulnerability in the Spring-Boot-In-Action project, specifically in the watermarkTest function of ImageUploadService.java. The root cause is the lack of proper validation on the filename parameter during file upload, allowing an attacker to control the destination path [1].
Exploitation
An unauthenticated remote attacker can exploit this by sending a crafted POST request to the /watermarktest endpoint with a filename containing path traversal sequences (e.g., ../../../exploit.sh). The application then writes the uploaded file to the attacker-specified location on the server filesystem [1]. No authentication is required, and the attack vector is network-based.
Impact
Successful exploitation enables arbitrary file write, which can lead to remote code execution if the attacker overwrites executable files (e.g., scripts, configuration files) or places a web shell in a publicly accessible directory. The CVSS v3 score of 6.3 reflects the medium severity, but the actual risk may be higher depending on the deployment context.
Mitigation
The vendor uses a rolling release model and has not provided a patched version. As of the publication date, no official fix is available, and the vendor did not respond to disclosure attempts. Users should implement input validation on the filename parameter, restrict upload paths to a dedicated directory, and ensure the application runs with minimal file system permissions.
AI Insight generated on May 19, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1- Range: <=807fd37643aa774b94fd004cc3adbd29ca17e9aa
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.