CVE-2018-1000850

HIGH

Square Retrofit <2.5.0 - Path Traversal

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-1000850. PoCs published by shoucheng3.

AI-analyzed exploit summary This repository appears to be a snapshot of the Retrofit library (version 2.4.0) and does not contain an actual exploit PoC for CVE-2018-1000850. The files are primarily build scripts, READMEs, and source code for the library itself.

Description

Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her.. This attack appear to be exploitable via An attacker should have access to an encoded path parameter on POST, PUT or DELETE request.. This vulnerability appears to have been fixed in 2.5.0 and later.

Exploits (1)

nomisec STUB
by shoucheng3 · poc
https://github.com/shoucheng3/square__retrofit_CVE-2018-1000850_2-4-0

This repository appears to be a snapshot of the Retrofit library (version 2.4.0) and does not contain an actual exploit PoC for CVE-2018-1000850. The files are primarily build scripts, READMEs, and source code for the library itself.

Classification
Stub 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Retrofit 2.4.0
No auth needed
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (7)

Core 7
Core References
Exploit, Third Party Advisory x_refsource_misc
https://ihacktoprotect.com/post/retrofit-path-traversal/
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:3892

Scores

CVSS v3 7.5
EPSS 0.0306
EPSS Percentile 87.1%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-22
Status published
Products (2)
com.squareup.retrofit2/retrofit 2.0.0 - 2.5.0Maven
squareup/retrofit 2.0.0 - 2.5.0
Published Dec 20, 2018
Tracked Since Feb 18, 2026