CVE-2025-1035 MEDIUM

CVE-2025-1035: Path Traversal in Komtera Technolgies' KLog Server

Vendor Komtera Technolgies
Product KLog Server
Weakness CWE-22 · Path traversal
Published February 18, 2025
Last update June 6, 2026

CVSS base score

5.7/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Komtera Technolgies KLog Server allows Manipulating Web Input to File System Calls. This issue affects KLog Server: before 3.1.1.

Key dates

02Disclosure timeline

February 18, 2025 CVE published
June 6, 2026 Record updated