CVE-2025-53505

Summary

Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a path traversal vulnerability. If this vulnerability is exploited, information on the server hosting the product may be exposed.

Affected Software

VendorProductVersion RangeStatus
Intermesh BVGroup-Officeprior to 6.8.119affected
Intermesh BVGroup-Officeprior to 25.0.20affected

Weaknesses

  • CWE-22: Improper limitation of a pathname to a restricted directory ('Path Traversal')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References