CVE-2026-25705

SUSE · Rancher

A path traversal vulnerability in Rancher's Extensions allows high-privileged, authenticated users to perform unauthorized file operations via specifically crafted paths.

Executive summary

A path traversal vulnerability in SUSE Rancher allows high-privileged authenticated users to access or manipulate files outside of the intended directory.

Vulnerability

This is a path traversal vulnerability (CWE-35) within Rancher Extensions. Exploitation requires the attacker to have high privileges and potentially user interaction, though it allows for significant impact to confidentiality, integrity, and availability.

Business impact

Because this vulnerability allows for path traversal, a high-privileged attacker could read or modify critical system files, potentially leading to full cluster compromise. While the requirement for high-level authentication limits the immediate scope, the impact of a successful exploit is severe, warranting a high CVSS score of 8.4.

Remediation

Immediate Action: Update Rancher to the fixed versions: 2.14.1, 2.13.5, 2.12.9, or 2.11.13 as appropriate for your deployment.

Proactive Monitoring: Audit Rancher extension logs for suspicious file access patterns or unusual API calls involving directory traversal sequences.

Compensating Controls: Strictly enforce the principle of least privilege for all administrative accounts and restrict access to the Rancher management interface to trusted administrative networks.

Exploitation status

Public Exploit Available: No

Analyst recommendation

Security teams should prioritize updating their Rancher environments to the patched versions immediately. Given the potential for cluster-level impact, ensuring that only authorized personnel have high-level administrative access is a critical secondary defense.