CVE-2025-30005

HIGH

Xorcom CompletePBX Arbitrary File Read and Deletion via systemDataFileName

Title source: metasploit
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-30005. PoCs published by Valentin Lobstein, including Metasploit module auxiliary/scanner/http/xorcom_completepbx_diagnostics_file_read.

AI-analyzed exploit summary This Metasploit module exploits an authenticated path traversal vulnerability (CVE-2025-30005) in Xorcom CompletePBX <= 5.2.35, allowing arbitrary file read and deletion via the `systemDataFileName` parameter in the `diagnostics` module.

Description

Xorcom CompletePBX is vulnerable to a path traversal via the Diagnostics reporting module, which will allow reading of arbitrary files and additionally delete any retrieved file in place of the expected report. This issue affects CompletePBX: all versions up to and prior to 5.2.35

Exploits (1)

metasploit WORKING POC
by Valentin Lobstein · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/xorcom_completepbx_diagnostics_file_read.rb

This Metasploit module exploits an authenticated path traversal vulnerability (CVE-2025-30005) in Xorcom CompletePBX <= 5.2.35, allowing arbitrary file read and deletion via the `systemDataFileName` parameter in the `diagnostics` module.

Classification
Working Poc 100%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Xorcom CompletePBX <= 5.2.35
Auth required
Prerequisites: Valid credentials for Xorcom CompletePBX · Network access to the target system
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References

Scores

CVSS v3 8.3
EPSS 0.7019
EPSS Percentile 98.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-22
Status published
Products (1)
xorcom/completepbx < 5.2.36.1
Published Mar 31, 2025
Tracked Since Feb 18, 2026