Platform
dotnet
Component
servicestack
Fixed in
8.4.1
CVE-2025-6445 is a Remote Code Execution (RCE) vulnerability affecting ServiceStack versions 8.4.0 through 8.4.0. This flaw stems from insufficient validation of user-supplied paths within the FindType method, allowing attackers to potentially execute arbitrary code. A fix is available in version 8.06, and users are strongly advised to upgrade immediately.
The impact of CVE-2025-6445 is significant due to its RCE nature. An attacker who can successfully exploit this vulnerability can gain complete control over the affected system, potentially leading to data breaches, system compromise, and further lateral movement within the network. The vulnerability's reliance on interaction with the ServiceStack library means that applications utilizing this library are at risk, and the specific attack vectors will depend on the application's implementation. This could allow attackers to read sensitive configuration files, modify application behavior, or even install malware.
CVE-2025-6445 was publicly disclosed on 2025-06-25. The vulnerability's ease of exploitation, combined with the potential for significant impact, warrants careful attention. Currently, there are no known active campaigns targeting this specific vulnerability, but the availability of a public CVE and the RCE nature of the flaw increase the likelihood of exploitation attempts. It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS
0.60% (69% percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-6445 is to upgrade to ServiceStack version 8.06 or later, which includes the necessary fix. If immediate upgrading is not possible, consider implementing temporary workarounds such as restricting access to the FindType method or implementing stricter input validation on any user-supplied paths used within the application. While a WAF might offer some protection, it's unlikely to be sufficient without proper input validation. After upgrading, confirm the fix by attempting to trigger the vulnerable FindType method with a malicious path and verifying that it is properly sanitized and does not result in code execution.
Actualice ServiceStack a la versión 8.06 o superior. Esto corrige la vulnerabilidad de recorrido de directorios en el método FindType. Consulte las notas de la versión en el sitio web de ServiceStack para obtener más detalles sobre la actualización.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-6445 is a Remote Code Execution vulnerability in ServiceStack's FindType method, allowing attackers to execute arbitrary code due to insufficient path validation in versions 8.4.0-8.4.0.
If you are using ServiceStack versions 8.4.0 through 8.4.0, you are potentially affected. Assess your application's usage of the FindType method and upgrade as soon as possible.
Upgrade to ServiceStack version 8.06 or later to remediate the vulnerability. If immediate upgrading is not possible, implement temporary workarounds like restricting access or input validation.
While there are no confirmed active campaigns targeting this specific vulnerability currently, its RCE nature and public disclosure increase the risk of exploitation.
Refer to the official ServiceStack security advisory for detailed information and updates regarding CVE-2025-6445. Check the ServiceStack website for the latest announcements.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your packages.lock.json file and we'll tell you instantly if you're affected.