A high-severity directory traversal vulnerability, identified as CVE-2025-50735, has been discovered in multiple NextChat thru products. This flaw could allow a remote, unauthenticated attacker to bypass security restrictions and access sensitive files on the underlying server. Successful exploitation could lead to the exposure of confidential data, system credentials, or other critical information, posing a significant risk to the organization's security and data integrity.

This is a directory traversal (also known as path traversal) vulnerability. It exists because the application fails to properly sanitize user-supplied input for file or directory paths. A remote, unauthenticated attacker can exploit this by sending a specially crafted request containing "dot-dot-slash" (../) sequences to an exposed application endpoint. This manipulation tricks the application into navigating outside of the intended web root directory, allowing the attacker to read, and potentially write or delete, arbitrary files on the server's file system with the permissions of the web server user.

This vulnerability is rated as High severity with a CVSS score of 7.5. Exploitation could have a significant negative impact on the business. An attacker could access confidential data, including customer information, intellectual property, application source code, and configuration files containing database credentials or API keys. This could lead to a major data breach, resulting in severe reputational damage, regulatory fines, and loss of customer trust. Furthermore, if the vulnerability allows file modification, an attacker could deface the website, plant a backdoor for persistent access, or cause a denial-of-service condition by deleting critical system files.

Immediate Action: Apply vendor security updates immediately across all affected systems. After patching, monitor for any signs of exploitation attempts by reviewing web server and application access logs for suspicious patterns indicative of directory traversal attacks.

Proactive Monitoring: Security teams should actively monitor for exploitation attempts. Review web server access logs for requests containing directory traversal sequences such as ../, ..%2f, or ..%5c. Configure Intrusion Detection/Prevention Systems (IDS/IPS) to alert on and block known directory traversal attack signatures. Implement File Integrity Monitoring (FIM) on critical server files to detect any unauthorized modifications.

Compensating Controls: If patching cannot be performed immediately, implement a Web Application Firewall (WAF) and enable rules designed to detect and block directory traversal attacks. Additionally, harden file system permissions to ensure the web server's service account has read/write access only to the directories it absolutely requires, restricting its ability to access sensitive system-level files.

Public Exploit Available: false

Given the high severity (CVSS 7.5) of this vulnerability and its potential for enabling unauthorized access to sensitive data, we strongly recommend that organizations prioritize the immediate application of the vendor-supplied security patches. Although this CVE is not currently listed on the CISA KEV list, its impact warrants urgent attention. All internet-facing instances of affected NextChat thru products should be considered at high risk. If immediate patching is not feasible, the compensating controls outlined above, particularly the use of a WAF, should be implemented as a temporary mitigation.