
CVSS: 8.7 • EPSS: 0% • CPEs: 1 • EXPL: 0

19 Feb 2025 — GHOSTS is an open source user simulation framework for cyber experimentation, simulation, training, and exercise. A path traversal vulnerability was discovered in GHOSTS version 8.0.0.0 that allows an attacker to access files outside of the intended directory through the photo retrieval endpoint. The vulnerability exists in the /api/npcs/{id}/photo endpoint, which is designed to serve profile photos for NPCs (Non-Player Characters) but fails to properly validate and sanitize file paths. When an NPC is creat... • https://github.com/cmu-sei/GHOSTS/commit/e69827556a52ff813de00e1017c4b62598d2c887 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')