Platform: go
Component: github.com/ctfer-io/chall-manager
Fixed in: 0.1.5, 0.1.4
CVE-2025-53632 describes a critical Path Traversal vulnerability discovered in Chall-Manager, a Go-based challenge management tool. This flaw allows attackers to potentially read sensitive files on the server by crafting malicious zip archives. The vulnerability impacts versions before 0.1.4, and a patch has been released to address the issue.
The Path Traversal vulnerability in Chall-Manager allows an attacker to bypass intended file access restrictions. By providing a specially crafted zip archive, an attacker can manipulate the extraction process to access files outside of the intended directory. This could lead to the exposure of sensitive configuration files, source code, or even system files, depending on the server's file system structure and permissions. The potential impact is significant, ranging from information disclosure to complete system compromise if the attacker gains access to credentials or other critical data.
CVE-2025-53632 was publicly disclosed on 2025-07-28. There is no immediate indication of active exploitation campaigns targeting this vulnerability. The CVSS score of 9.1 (CRITICAL) indicates a high probability of exploitation if the vulnerability is exposed. No public proof-of-concept exploits have been identified as of this writing.
Organizations and individuals deploying Chall-Manager in environments where zip archives are processed without proper validation are at risk. This includes those using Chall-Manager for CTF challenge management or similar applications. Shared hosting environments where Chall-Manager is installed alongside other applications are particularly vulnerable, as a compromise could potentially affect other tenants.
• go / binary: Use strings to search for file paths within the Chall-Manager binary. Look for patterns like ../ or absolute paths to sensitive directories.
strings /path/to/chall-manager | grep -F '../'
• go / supply-chain: Examine dependencies for known vulnerabilities using go mod tidy and go vet.
• generic web: Monitor web server access logs for requests containing suspicious file paths or attempts to access files outside of the expected directory structure. Look for requests with ../ in the URL.
grep -F '../' /var/log/apache2/access.log
Exploit status: disclosure
EPSS: 0.05% (15th percentile)
The primary mitigation for CVE-2025-53632 is to immediately upgrade Chall-Manager to version 0.1.4 or later. If upgrading is not feasible due to compatibility issues or downtime concerns, consider implementing strict input validation on any zip archives processed by Chall-Manager. This should include verifying the archive's contents and ensuring that file paths do not contain traversal sequences (e.g., '..'). Additionally, restrict the user account running Chall-Manager to the minimum necessary privileges to limit the potential damage from a successful exploit. After upgrading, confirm the fix by attempting to extract a zip archive with a path traversal payload and verifying that access is denied.
Update chall-manager to version 0.1.4 or later. This fixes the zip slip vulnerability by properly validating the paths of the files extracted from the zip archive. The update can be performed using the Python package manager, such as pip.
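Added example in Go, the project's language (it is not Chall-Manager's own code): the check that the fix above relies on, resolving every archive entry name under the destination directory and rejecting any entry whose cleaned path escapes it, before anything is written to disk. The destination path and the in-memory archive are constructed for illustration; absolute entry names are re-rooted under the destination rather than rejected.

```go
package main
import (
	"archive/zip"
	"bytes"
	"errors"
	"fmt"
	"path/filepath"
)

var ErrTraversal = errors.New("zip entry escapes destination directory") // returned for any Zip Slip entry
// safeJoin resolves one entry name under dest and rejects it when the cleaned result is not inside dest
// (absolute names are re-rooted under dest; ".." segments are collapsed by Join before the check).
func safeJoin(dest, name string) (string, error) {
	cleanDest := filepath.Clean(dest)
	target := filepath.Join(cleanDest, filepath.FromSlash(name))
	rel, err := filepath.Rel(cleanDest, target)
	if err != nil || !filepath.IsLocal(rel) { // IsLocal is false for "..", "../x" and absolute paths
		return "", ErrTraversal
	}
	return target, nil
}

// checkArchive validates every entry of an in-memory zip and returns the safe target paths,
// or an error naming the first offending entry; nothing is written during the check.
func checkArchive(dest string, data []byte) ([]string, error) {
	r, err := zip.NewReader(bytes.NewReader(data), int64(len(data)))
	if err != nil && !errors.Is(err, zip.ErrInsecurePath) { // on ErrInsecurePath the reader is still usable
		return nil, err
	}
	var targets []string
	for _, f := range r.File {
		p, err := safeJoin(dest, f.Name)
		if err != nil {
			return nil, fmt.Errorf("%s: %w", f.Name, err)
		}
		targets = append(targets, p)
	}
	return targets, nil
}
func buildZip(names ...string) []byte { // constructed test input (empty entries), not a real challenge archive
	var buf bytes.Buffer
	w := zip.NewWriter(&buf)
	for _, n := range names {
		w.Create(n)
	}
	w.Close()
	return buf.Bytes()
}
func main() {
	_, err := checkArchive("/tmp/chall", buildZip("chall/flag.txt", "../../escape.txt"))
	fmt.Println(err) // ../../escape.txt: zip entry escapes destination directory
}
```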
CVE-2025-53632 is a critical Path Traversal vulnerability in Chall-Manager, allowing attackers to read arbitrary files by manipulating zip archive extraction.
You are affected if you are using Chall-Manager versions prior to 0.1.4. Upgrade immediately to mitigate the risk.
Upgrade Chall-Manager to version 0.1.4 or later. If upgrading is not possible, implement strict input validation on zip archives.
There is no immediate indication of active exploitation campaigns, but the high CVSS score suggests a potential for exploitation.
Refer to the Chall-Manager project's repository or website for the latest security advisories and updates.