CVE-2025-1035

MEDIUM NUCLEI

Komtera Technolgies KLog Server <3.1.1 - Path Traversal

Title source: llm

Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Komtera Technolgies KLog Server allows Manipulating Web Input to File System Calls.This issue affects KLog Server: before 3.1.1.

Nuclei Templates (1)

KLog Server - Path Traversal

MEDIUMVERIFIEDby s4e-io

References (2)

[Various Sources] https://www.klogserver.com/surum-notlari/3-1-1/

[Third Party Advisory, US Government Resource] https://www.usom.gov.tr/bildirim/tr-25-0037

Scores

CVSS v3 5.7

EPSS 0.6418

EPSS Percentile 98.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE

CWE-22

Status published

Products (1)

Komtera Technolgies/KLog Server < 3.1.1

Published Feb 18, 2025

Tracked Since Feb 18, 2026