{"id":55816,"date":"2025-06-28T23:26:28","date_gmt":"2025-06-28T23:26:28","guid":{"rendered":""},"modified":"2025-10-21T10:43:12","modified_gmt":"2025-10-21T16:43:12","slug":"cve-2025-52562-directory-traversal-vulnerability-in-performave-convoy-localecontroller","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-52562-directory-traversal-vulnerability-in-performave-convoy-localecontroller\/","title":{"rendered":"<strong>CVE-2025-52562: Directory Traversal Vulnerability in Performave Convoy LocaleController<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>The CVE-2025-52562 is a severe security flaw found in Performave Convoy, a widely used KVM server management panel by hosting businesses. The vulnerability lies in the LocaleController component of the software. Specifically, it allows an unauthenticated <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-49281-critical-php-remote-file-inclusion-vulnerability-in-unfoldwp-magways\/\"  data-wpil-monitor-id=\"62210\">remote attacker to exploit a directory traversal vulnerability<\/a>, potentially leading to system compromise and data leakage. As the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-6454-authenticated-user-exploit-in-gitlab-ce-ee-through-proxy-environments\/\"  data-wpil-monitor-id=\"90781\">exploit does not require user<\/a> interaction, it presents a substantial risk to businesses relying on Performave Convoy for their operations.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-52562<br \/>\nSeverity: Critical (CVSS 10.0)<br \/>\nAttack Vector: Network<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: None<br \/>\nImpact: <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-49415-path-traversal-vulnerability-in-fw-gallery-with-potential-for-system-compromise\/\"  data-wpil-monitor-id=\"62397\">Potential system<\/a> compromise or data leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p><div id=\"ameeb-698572224\" class=\"ameeb-content-2 ameeb-entity-placement\"><div style=\"border-left: 4px solid #555; padding-left: 20px; margin: 48px 0; font-family: Roboto, sans-serif; color: #ffffff; line-height: 1.6; max-width: 700px;\">\r\n  <h2 style=\"margin-top: 0; font-size: 20px; font-weight: 600; display: flex; align-items: center;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"display: inline-flex; align-items: center; margin-right: 8px;\">\r\n      <img decoding=\"async\" src=\"https:\/\/www.ameeba.com\/blog\/wp-content\/uploads\/2025\/10\/Best-App-icon-Ameeba.png\" alt=\"Ameeba Chat Icon\" style=\"width: 40px; height: 40px;\" \/>\r\n    <\/a>\r\n    A new way to communicate\r\n  <\/h2>\r\n\r\n  <p style=\"margin-bottom: 12px;\">\r\n    Ameeba Chat is built on encrypted identity, not personal profiles.\r\n  <\/p>\r\n\r\n  <p style=\"margin-bottom: 16px;\">\r\n    Message, call, share files, and coordinate with identities kept separate.\r\n  <\/p>\r\n\r\n  <ul style=\"list-style: none; padding-left: 0; margin-bottom: 20px;\">\r\n    <li>\u2022 Encrypted identity<\/li>\r\n    <li>\u2022 Ameeba Chat authenticates access<\/li>\r\n    <li>\u2022 Aliases and categories<\/li>\r\n    <li>\u2022 End-to-end encrypted chat, calls, and files<\/li>\r\n    <li>\u2022 Secure notes for sensitive information<\/li>\r\n  <\/ul>\r\n\r\n  <p style=\"font-style: italic; font-weight: 600; margin-bottom: 24px;\">\r\n    Private communication, rethought.\r\n  <\/p>\r\n\r\n  <div style=\"display: flex; flex-wrap: wrap; gap: 12px;\">\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\/download\" style=\"background-color: #ffffff; color: #000000; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Download Ameeba Chat<\/a>\r\n    <a href=\"https:\/\/www.ameeba.com\/chat\" style=\"border: 1px solid #ffffff; color: #ffffff; padding: 10px 20px; text-decoration: none; border-radius: 6px; font-weight: 500;\">Learn More<\/a>\r\n  <\/div>\r\n<\/div>\r\n<\/div>\n<p>Product | Affected Versions<\/p>\n<p>Performave Convoy | 3.9.0-rc3 to 4.4.0<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The directory <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-49879-path-traversal-vulnerability-in-themezaa-litho\/\"  data-wpil-monitor-id=\"62382\">traversal vulnerability<\/a> is present in the LocaleController component of Performave Convoy. An attacker can craft a malicious <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-6162-critical-buffer-overflow-vulnerability-in-totolink-ex1200t-http-post-request-handler\/\"  data-wpil-monitor-id=\"62297\">HTTP request<\/a> with specific locale and namespace parameters, thereby exploiting the directory traversal vulnerability. Thus, the attacker can include and execute arbitrary <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-49278-critical-php-remote-file-inclusion-vulnerability-in-unfoldwp-blogty\/\"  data-wpil-monitor-id=\"62222\">PHP files<\/a> on the server, potentially leading to system compromise and data leakage.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p><div id=\"ameeb-805973195\" class=\"ameeb-content ameeb-entity-placement\"><div class=\"poptin-embedded\" data-id=\"f6b387694f681\"><\/div>\r\n\r\n\r\n\r\n\r\n\r\n<\/div>\n<p>For illustration, a conceptual example of a malicious HTTP <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-6001-cross-site-request-forgery-vulnerability-in-virtuemart-product-image-upload-function\/\"  data-wpil-monitor-id=\"62211\">request exploiting this vulnerability<\/a> might look like this:<\/p>\n<pre><code class=\"\" data-line=\"\">GET \/localeController?locale=..\/..\/..\/..\/malicious.php&amp;namespace= HTTP\/1.1\nHost: vulnerable-server.com<\/code><\/pre>\n<p>In the above example, the attacker is using the `locale` parameter in the HTTP request to traverse the directory structure (&#8216;..\/..\/..\/..\/&#8217;) and execute a malicious <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-49279-php-remote-file-inclusion-vulnerability-in-unfoldwp-blogvy\/\"  data-wpil-monitor-id=\"62230\">PHP file<\/a> (&#8216;malicious.php&#8217;) on the server. This is a conceptual representation and might differ in real-world scenarios based on the server&#8217;s specific configurations and setup.<\/p>\n<p><strong>Recommendations for Mitigation<\/strong><\/p>\n<p>The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2015-0843-critical-buffer-overflow-vulnerability-in-yubiserver-before-version-0-6\/\"  data-wpil-monitor-id=\"65160\">vulnerability has been patched in Performave Convoy version<\/a> 4.4.1. Therefore, users are strongly advised to update to this version or later to mitigate the risk. If immediate update is not possible, implementing strict Web Application Firewall (WAF) rules to filter incoming requests targeting the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-49216-critical-authentication-bypass-vulnerability-in-trend-micro-endpoint-encryption-policyserver\/\"  data-wpil-monitor-id=\"62684\">vulnerable endpoints<\/a> can serve as a temporary workaround. Intrusion Detection Systems (IDS) can also be used to monitor and alert on <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-7457-macos-authorization-model-exploit-leading-to-potential-mitm-attacks\/\"  data-wpil-monitor-id=\"80047\">potential exploitation<\/a> attempts.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview The CVE-2025-52562 is a severe security flaw found in Performave Convoy, a widely used KVM server management panel by hosting businesses. The vulnerability lies in the LocaleController component of the software. Specifically, it allows an unauthenticated remote attacker to exploit a directory traversal vulnerability, potentially leading to system compromise and data leakage. As the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[85],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-55816","post","type-post","status-publish","format-standard","hentry","category-uncategorized","attack_vector-directory-traversal"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/55816","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=55816"}],"version-history":[{"count":10,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/55816\/revisions"}],"predecessor-version":[{"id":83726,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/55816\/revisions\/83726"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=55816"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=55816"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=55816"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=55816"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=55816"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=55816"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=55816"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=55816"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=55816"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}