CVE-2019-25355

HIGH 7.5

Genivia gSOAP 2.8 - 'gSOAP' Path Traversal

CVSS Score

7.5

EPSS Score

0.0%

EPSS Percentile

0th

gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal sequences.

CWE	CWE-22
Vendor	genivia inc.
Product	gsoap
Published	Feb 18, 2026
Last Updated	Mar 5, 2026

Stay Ahead of the Next One

Get instant alerts for genivia inc. gsoap

Be the first to know when new high vulnerabilities affecting genivia inc. gsoap are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

Affected Versions

Genivia Inc. / gSOAP

2.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/47653 genivia.com: https://www.genivia.com/ genivia.com: https://www.genivia.com/products.html#gsoap vulncheck.com: https://www.vulncheck.com/advisories/genivia-gsoap-gsoap-path-traversal

Credits

Numan Türle