CVE-2025-53417 — DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerab... | CVE Daily

Critical CVSS 9.3

Overview

DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability

CWE: CWE-35 Published: 2025-08-05T03:15:26.500

Risk analysis

This vulnerability is rated 🔴 CRITICAL.

CVSS: 9.3 (CRITICAL)
Detected tags: info_leak, path (tag impact: MODERATE)

Recommended actions:

Reduce verbose errors, remove debug endpoints, minimize PII in logs.
Canonicalize path; block `..` traversal; use allowlists.

Recommended tools

Tags