mojoPortal, Directory Traversal, CVE-2025-28367 (Critical)

By /

Listen to this Post

How the CVE Works

CVE-2025-28367 exploits a directory traversal vulnerability in mojoPortal versions <=2.9.0.1 via the BetterImageGallery API Controller’s ImageHandler action. An attacker manipulates file path inputs using `../` sequences to traverse directories and access sensitive files like Web.Config. Successful exploitation allows retrieval of the MachineKey, compromising encryption and authentication mechanisms. The flaw arises from insufficient input validation, enabling unauthorized file reads on the server.

DailyCVE Form

Platform: mojoPortal
Version: <=2.9.0.1
Vulnerability: Directory Traversal
Severity: Critical
Date: 06/23/2025

Prediction: Patch expected by 07/15/2025

What Undercode Say

Analytics

curl -X GET "http://target/api/BetterImageGallery/ImageHandler?file=../../Web.Config"
grep -r "MachineKey" /var/www/mojoPortal/Web.Config

How Exploit

  • Craft malicious path traversal request.
  • Retrieve `Web.Config` via API.
  • Extract `MachineKey` for further attacks.

Protection from this CVE

  • Update to mojoPortal >2.9.0.1.
  • Implement strict input validation.
  • Restrict file access permissions.

Impact

  • Unauthorized data exposure.
  • Session hijacking.
  • System compromise.

Sources:

Reported By: nvd.nist.gov
Extra Source Hub:
Undercode

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Scroll to Top