CVE-2025-52465

June 18, 2026, 6:04 p.m.

7.2
High

Description

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.26.4 and 2.27.3, a vulnerability exists that allows an authenticated administrator with access to GeoServer's security system to pass arbitrary file names to the Master Password Dump web page and create files containing the master password in plaintext. The provided file name must be an absolute path to the target file, the target file can not already exist and all parent directories must already exist. Versions 2.26.4 and 2.27.3 contain a fix. GeoServer installations where the web interface is either disabled or completely removed are not affected since the vulnerability exists in one of the web pages.

Product(s) Impacted

Vendor Product Versions
Geoserver
  • Geoserver
  • <2.26.4, <2.27.3

Weaknesses

Common security weaknesses mapped to this vulnerability.

CWE-73
External Control of File Name or Path
The product allows user input to control or influence paths or file names that are used in filesystem operations.

*CPE(s)

Affected systems and software identified for this CVE.

Type Vendor Product Version Update Edition Language Software Edition Target Software Target Hardware Other Information
a geoserver geoserver <2.26.4 / / / / / / /
a geoserver geoserver <2.27.3 / / / / / / /

References

https://github.com/geoserver/geoserver/pull/8584
https://github.com/geoserver/geoserver/security/advisories/GHSA-7qmg-grcp-qf25
https://osgeo-org.atlassian.net/browse/GEOS-11852
https://research.checkpoint.com/2025/cve-2025-24054-ntlm-exploit-in-the-wild

Tags

[email protected]
CWE-73
2026-06-18
CVE-2025-52465

CVSS Score

7.2 / 10

CVSS Data - 3.1

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: HIGH
  • Scope: UNCHANGED
  • Confidentiality Impact: HIGH
  • Integrity Impact: HIGH
  • Availability Impact: HIGH

    • CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

    View Vector String

Timeline

Published: June 18, 2026, 4:16 p.m.
Last Modified: June 18, 2026, 6:04 p.m.

Status : Undergoing Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

[email protected]

*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.