Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-44177

A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2-2024-11-27, specifically in the /pt3upd/ endpoint. An unauthenticated attacker can remotely read arbitrary files on the underlying OS using encoded traversal sequences.

Published

2025-07-09T16:15:23.427

Last Modified

2025-07-18T18:55:26.647

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 8.2 (HIGH)

Weaknesses

Type: Secondary
CWE-22

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	wss	protop	4.4.2-2024-11-27	Yes

References

https://gist.github.com/stSLAYER/4a2ecfbab1215a0be0dde59c4ac0122d Third Party Advisory, Exploit ([email protected])
https://protop.com Product ([email protected])