CVE-2025-54347
CRITICALDesktop Alert PingAlert Application Server 6.1.0.11-6.1.1.2 - Path Traversal and Arbitrary File Write
Title source: llmDescription
A Directory Traversal vulnerability was found in the Application Server of Desktop Alert PingAlert version 6.1.0.11 to 6.1.1.2 which allows an attacker to write arbitrary files under certain conditions.
References (1)
Core 1
Core References
Vendor Advisory
https://desktopalert.net/cve-2025-54347/
Scores
CVSS v3
9.9
EPSS
0.0062
EPSS Percentile
44.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-22
Status
published
Products (1)
desktopalert/pingalert_application_server
6.1.0.11 - 6.1.1.6
Published
Nov 24, 2025
Tracked Since
Feb 18, 2026