来源

关联漏洞

描述

CVE-2025-27210

介绍

# 🔓 **CVE-2025-27210 – High-Severity Path Traversal in Node.js on Windows**

---

### 🧠 Overview

**CVE-2025-27210** is a **path traversal vulnerability** in **Node.js**, affecting Windows systems. It involves improper handling of **Windows reserved device names** (like `CON`, `AUX`, `PRN`, etc.) by the `path.normalize()` and `path.join()` functions. Attackers can exploit this behavior to bypass path restrictions and access unauthorized files or directories.

---

### 🛠 Affected Versions

* Node.js **20.x** versions **below 20.19.4**
* Node.js **22.x** versions **below 22.17.1**
* Node.js **24.x** versions **below 24.4.1**

---

### ✅ Patched Versions

* Node.js **20.19.4**
* Node.js **22.17.1**
* Node.js **24.4.1**

These versions fix the issue by improving how paths are resolved on Windows.

---

### ⚠️ Who's Affected?

* **Only** Node.js applications running on **Windows** are affected.
* Any app using `path.join()` or `path.normalize()` with user input may be vulnerable.
* **Linux and macOS systems are not affected.**

---

### 🚨 Severity

* Rated as **High** severity.
* Exploiting this flaw could allow attackers to read, overwrite, or interfere with sensitive files outside the intended directories — especially in Windows environments.

<img width="908" height="718" alt="bug4" src="https://github.com/user-attachments/assets/0a90633e-a225-4adf-99bf-d78d778252d1" />


---

### 🛡️ Mitigation

1. **Update Node.js** to the patched versions listed above.
2. **Review your code**, especially where user input is used in file paths.
3. **Validate and sanitize paths** to ensure they stay within expected directories.
4. Consider **using whitelists or path filters** to avoid unsafe access.
5. Monitor your application for **suspicious path access patterns** after updating.

---

### 🔁 Background

This issue is related to a previous vulnerability (CVE-2025-23084) but introduces a **new bypass** using special Windows device names. It is a refinement of earlier path traversal concerns in Node.js on Windows.

---


### ⚠️ Disclaimer:

> This information is provided for **educational and authorized security research purposes only**. Any actions taken using this knowledge must comply with all applicable laws and ethical guidelines. The author is **not responsible for any misuse** of the information. Always obtain proper authorization before testing or interacting with any system.

文件快照

 [4.0K]  /data/pocs/67341a436f046fb92a071efc401d7a13bc8c2b59
├── [5.7K]  CVE-2025-27210.py
└── [2.4K]  README.md

0 directories, 2 files

备注