CVE-2025-13161 HIGH

CVE-2025-13161: IQ Service International｜IQ-Support - Arbitrary File Read

Vendor Iq Service International

Product IQ-Support

Weakness CWE-23

Published November 14, 2025

Last update November 14, 2025

View on NVD All CVEs

CVSS base score

8.7/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system files.

Key dates

02Disclosure timeline

November 14, 2025 CVE published

November 14, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-13161

Related vulnerabilities

04Related CVE

CVE-2021-34594 Beckhoff: Relative path traversal vulnerability through TwinCAT OPC UA Server CVE-2025-64714 PrivateBin's template-switching feature allows arbitrary local file inclusion through path traversal CVE-2023-1043 MuYuCMS index.php path traversal CVE-2023-38185 Microsoft Exchange Server Remote Code Execution Vulnerability CVE-2024-43454 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability