VYPR
Unrated severityNVD Advisory· Published Jan 9, 2026· Updated Jan 9, 2026

CVE-2025-67810

CVE-2025-67810

Description

In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 (#7254) and further versions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Area9/Rhapsodecpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=1.47.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.