CVE-2025-27445: Extension - rsjoomla.com - A path traversal vulnerability RSFirewall component 2.9.7 - 3.1.5 for Joomla

Description

A path traversal vulnerability in RSFirewall component 2.9.7 - 3.1.5 for Joomla was discovered. This vulnerability allows authenticated users to read arbitrary files outside the Joomla root directory. The flaw is caused by insufficient sanitization of user-supplied input in file path parameters, allowing attackers to exploit directory traversal sequences (e.g., ../) to access sensitive files

Classification

CVE ID: CVE-2025-27445

Problem Types

CWE-35: Path Traversal

Affected Products

Vendor: rsjoomla.com

Product: RSFirewall component for Joomla

References

https://nvd.nist.gov/vuln/detail/CVE-2025-27445
https://rsjoomla.com/

Timeline

2025-06-05 14:40:17 UTC
CVE

Extension - rsjoomla.com - A path traversal vulnerability RSFirewall component 2.9.7 - 3.1.5 for Joomla