CVE ID : CVE-2025-42970
Published : July 8, 2025, 1:15 a.m. | 35 minutes ago
Description : SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an attacker could craft a malicious SAPCAR archive containing directory traversal sequences. When a high privileged victim extracts this malicious archive, it is then processed by SAPCAR on their system, causing files to be extracted outside the intended directory and overwriting files in arbitrary locations. This vulnerability has a high impact on the integrity and availability of the application with no impact on confidentiality.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more…
Source: Read More