Description

Cola Dnslog v1.3.2 is vulnerable to Directory Traversal. When a DNS query for a TXT record is processed, the application concatenates the requested URL (or a portion of it) directly with a base path using os.path.join. This bypass allows directory traversal or absolute path injection, leading to the potential exposure of sensitive information.

INFO

Published Date :

2025-12-26T00:00:00.000Z

Last Modified :

2025-12-27T15:35:51.254Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2025-57403 vulnerability.

Vendors Products
Abelche
  • Cola Dnslog
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-57403.

URL Resource
https://gist.github.com/Captaince/99b728c792c72b2666c2400625702df0 cve-icon cve-icon
https://github.com/AbelChe/cola_dnslog/issues/29 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact