{"id":79947,"date":"2025-10-01T23:32:53","date_gmt":"2025-10-01T23:32:53","guid":{"rendered":""},"modified":"2025-11-02T03:01:46","modified_gmt":"2025-11-02T09:01:46","slug":"cve-2025-10449-critical-path-traversal-vulnerability-in-saysis-web-portal","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-10449-critical-path-traversal-vulnerability-in-saysis-web-portal\/","title":{"rendered":"CVE-2025-10449: Critical Path Traversal Vulnerability in Saysis Web Portal<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

The cybersecurity landscape is persistently evolving, and one of the critical vulnerabilities that has recently been identified is CVE-2025-10449. This vulnerability is an Improper Limitation of a Pathname to a Restricted Directory, commonly referred to as ‘Path Traversal’ vulnerability. It was found in the Saysis Web Portal developed by Saysis Computer Systems Trade Ltd. Co. The severity of this vulnerability<\/a> is amplified by the fact that it can potentially lead to system compromise or data leakage, which can have severe consequences for any organization using the affected versions of the portal.
\nThe discovery of this vulnerability is significant because it affects<\/a> a wide range of versions from 3.1.9 & 3.2.0 to version 3.2.1. It is therefore crucial for organizations using these versions to take immediate action to mitigate the risks associated with this vulnerability<\/a>.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-10449
\nSeverity: Critical – CVSS score 8.6
\nAttack Vector: Network
\nPrivileges Required: Low
\nUser Interaction: Required
\nImpact: System compromise or data<\/a> leakage<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n