CVE-2025-31134

Public Exploit

FreshRSS vulnerable to directory enumeration via ext.php

Description

FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, an attacker can gain additional information about the server by checking if certain directories exist. An attacker can, for example, check if older PHP versions are installed or if certain software is installed on the server and potentially use that information to further attack the server. Version 1.26.2 contains a patch for the issue.

References

Link	Tags
https://github.com/FreshRSS/FreshRSS/security/advisories/GHSA-jjm2-4hf7-9x65	vendor advisory exploit
https://github.com/FreshRSS/FreshRSS/commit/4568111c00813756a3a34a381d684b8354fc4438	patch

Frequently Asked Questions

What is the severity of CVE-2025-31134?: CVE-2025-31134 has been scored as a medium severity vulnerability.
How to fix CVE-2025-31134?: To fix CVE-2025-31134, make sure you are using an up-to-date version of the affected component(s) by checking the vendor release notes. As for now, there are no other specific guidelines available.
Is CVE-2025-31134 being actively exploited in the wild?: It is possible that CVE-2025-31134 is being exploited or will be exploited in a near future based on public information. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
What software or system is affected by CVE-2025-31134?: CVE-2025-31134 affects FreshRSS FreshRSS.

This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.

Description

Category

CWE-201 – Insertion of Sensitive Information Into Sent Data

References

Frequently Asked Questions