High
CVSS 8.4
Overview
An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can exploit a path traversal vulnerability when creating a Layout Template, which can lead to remote code execution (RCE).
CVE-2025-54317
An issue was discovered in Logpoint before 7.6.0. An attacker with operator priv...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 8.4 (HIGH)
- Detected tags: path, rce (tag impact: VERY HIGH)
Recommended actions:
- Canonicalize path; block `..` traversal; use allowlists.
- Patch/upgrade immediately (remote code execution).
- Reduce exposure (WAF/segmentation), minimize attack surface.