CVE-2018-25365

HIGH 7.5

PCViewer vt1000 Directory Traversal via GET Request

CVSS Score

7.5

EPSS Score

0.0%

EPSS Percentile

0th

PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use path traversal sequences ../../../../../../../../../../../../etc/passwd to access sensitive system files outside the intended directory.

CWE	CWE-22
Vendor	pcviewer
Product	pcviewer
Published	May 25, 2026
Last Updated	May 26, 2026

Stay Ahead of the Next One

Get instant alerts for pcviewer pcviewer

Be the first to know when new high vulnerabilities affecting pcviewer pcviewer are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected Versions

PCViewer / PCViewer

vt1000

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/45248 softpedia.com: http://www.softpedia.com/get/System/File-Management/Pc-Viewer.shtml vulncheck.com: https://www.vulncheck.com/advisories/pcviewer-vt1000-directory-traversal-via-get-request

Credits

Berk Dusunur