CVE-2025-29866 - Vulnerability Details - OpenCVE

: External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows : Parameter Injection.This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact None

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact None

Subsequent System Integrity Impact None

Subsequent System Availability Impact None

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Tagfree	X Free Uploader

No data.

No data.

References

Link	Providers
https://www.boho.or.kr/kr/bbs/view.do?searchCnd=&bbsId=B0000302&searchWrd=&menuNo=205023&pageIndex=1&categoryCode=&nttId=71827

History

Thu, 07 Aug 2025 22:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Tagfree Tagfree x Free Uploader
Vendors & Products		Tagfree Tagfree x Free Uploader

Thu, 07 Aug 2025 14:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Thu, 07 Aug 2025 05:30:00 +0000

Type	Values Removed	Values Added
Description		: External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows : Parameter Injection.This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035.
Weaknesses		CWE-73
References		https://www.boho.or.kr/kr/bbs/view.do?searchCnd=&bbsId=B0000302&searchWrd=&menuNo=205023&pageIndex=1&categoryCode=&nttId=71827
Metrics		cvssV4_0 `{'score': 8.8, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N'}`

MITRE

Status: PUBLISHED

Assigner: krcert

Published: 2025-08-07T05:09:53.284Z

Updated: 2025-08-07T13:37:56.611Z

Reserved: 2025-03-12T07:03:23.441Z

Link: CVE-2025-29866

Vulnrichment

Updated: 2025-08-07T13:37:51.459Z

NVD

Status : Awaiting Analysis

Published: 2025-08-07T06:15:41.943

Modified: 2025-08-07T21:26:37.453

Link: CVE-2025-29866

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-29866", "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "state": "PUBLISHED", "assignerShortName": "krcert", "dateReserved": "2025-03-12T07:03:23.441Z", "datePublished": "2025-08-07T05:09:53.284Z", "dateUpdated": "2025-08-07T13:37:56.611Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "packageName": "XFU", "product": "X-Free Uploader", "vendor": "TAGFREE", "versions": [{"changes": [{"at": "1.0.1.0085", "status": "unaffected"}], "lessThan": "1.0.1.0085", "status": "affected", "version": "1.0.1.0084", "versionType": "custom"}, {"changes": [{"at": "2.0.1.0035", "status": "unaffected"}], "lessThan": "2.0.1.0035", "status": "affected", "version": "2.0.1.0034", "versionType": "custom"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": ": External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows : Parameter Injection.<p>This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035.</p>"}], "value": ": External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows : Parameter Injection.This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035."}], "impacts": [{"capecId": "CAPEC-137", "descriptions": [{"lang": "en", "value": "CAPEC-137: Parameter Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.8, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-73", "description": "CWE-73: External Control of File Name or Path", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "shortName": "krcert", "dateUpdated": "2025-08-07T05:09:53.284Z"}, "references": [{"url": "https://www.boho.or.kr/kr/bbs/view.do?searchCnd=&bbsId=B0000302&searchWrd=&menuNo=205023&pageIndex=1&categoryCode=&nttId=71827"}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-07T13:37:16.414512Z", "id": "CVE-2025-29866", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-07T13:37:56.611Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-29866", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-07T13:37:16.414512Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-07T13:37:51.459Z"}}], "cna": {"source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-137", "descriptions": [{"lang": "en", "value": "CAPEC-137: Parameter Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.8, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "TAGFREE", "product": "X-Free Uploader", "versions": [{"status": "affected", "changes": [{"at": "1.0.1.0085", "status": "unaffected"}], "version": "1.0.1.0084", "lessThan": "1.0.1.0085", "versionType": "custom"}, {"status": "affected", "changes": [{"at": "2.0.1.0035", "status": "unaffected"}], "version": "2.0.1.0034", "lessThan": "2.0.1.0035", "versionType": "custom"}], "packageName": "XFU", "defaultStatus": "unaffected"}], "references": [{"url": "https://www.boho.or.kr/kr/bbs/view.do?searchCnd=&bbsId=B0000302&searchWrd=&menuNo=205023&pageIndex=1&categoryCode=&nttId=71827"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": ": External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows : Parameter Injection.This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035.", "supportingMedia": [{"type": "text/html", "value": ": External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows : Parameter Injection.<p>This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-73", "description": "CWE-73: External Control of File Name or Path"}]}], "providerMetadata": {"orgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "shortName": "krcert", "dateUpdated": "2025-08-07T05:09:53.284Z"}}}, "cveMetadata": {"cveId": "CVE-2025-29866", "state": "PUBLISHED", "dateUpdated": "2025-08-07T13:37:56.611Z", "dateReserved": "2025-03-12T07:03:23.441Z", "assignerOrgId": "cdd7a122-0fae-4202-8d86-14efbacc2863", "datePublished": "2025-08-07T05:09:53.284Z", "assignerShortName": "krcert"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": ": External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows : Parameter Injection.This issue affects X-Free Uploader: from 1.0.1.0084 before 1.0.1.0085, from 2.0.1.0034 before 2.0.1.0035."}, {"lang": "es", "value": "CVE-2025-29866\t:Vulnerabilidad de control externo de nombre de archivo o ruta en TAGFREE X-Free Uploader XFU permite: Inyecci\u00f3n de par\u00e1metros. Este problema afecta a X-Free Uploader: desde 1.0.1.0084 antes de 1.0.1.0085, desde 2.0.1.0034 antes de 2.0.1.0035."}], "id": "CVE-2025-29866", "lastModified": "2025-08-07T21:26:37.453", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "vuln@krcert.or.kr", "type": "Secondary"}]}, "published": "2025-08-07T06:15:41.943", "references": [{"source": "vuln@krcert.or.kr", "url": "https://www.boho.or.kr/kr/bbs/view.do?searchCnd=&bbsId=B0000302&searchWrd=&menuNo=205023&pageIndex=1&categoryCode=&nttId=71827"}], "sourceIdentifier": "vuln@krcert.or.kr", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-73"}], "source": "vuln@krcert.or.kr", "type": "Secondary"}]}