CVE-2025-34098 HIGH

CVE-2025-34098: Riverbed SteelHead VCX Authenticated Arbitrary File Read via Log Filter Injection

Vendor Riverbed Technology

Product SteelHead VCX

Weakness CWE-200 · Info exposure

Published July 10, 2025

Last update May 14, 2026

View on NVD All CVEs

CVSS base score

7.1/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A path traversal vulnerability exists in Riverbed SteelHead VCX appliances (confirmed in VCX255U 9.6.0a) due to improper input validation in the log filtering functionality exposed via the management web interface. An authenticated attacker can exploit this flaw by submitting crafted filter expressions to the log_filter endpoint using the filterStr parameter. This input is processed by a backend parser that permits execution of file expansion syntax, allowing the attacker to retrieve arbitrary system files via the log viewing interface.

Key dates

02Disclosure timeline

July 10, 2025 CVE published

May 14, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-34098 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

CVE-2025-34098: Riverbed SteelHead VCX Authenticated Arbitrary File Read via Log Filter Injection

01Description

02Disclosure timeline

03References

04Related CVE