CVE-2025-48817 — Relative path traversal in Remote Desktop Client allows an unauthorized attacker... | CVE Daily

High CVSS 8.8

Overview

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code over a network.

CWE: CWE-23 Published: 2025-07-08T17:15:45.867

Risk analysis

This vulnerability is rated 🟠 HIGH.

CVSS: 8.8 (HIGH)
Detected tags: path, unauth_access (tag impact: HIGH)

Recommended actions:

Canonicalize path; block `..` traversal; use allowlists.
Enforce authentication/authorization; reduce default endpoint exposure.

Recommended tools

Tags