QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-58753

Back to search

CVE-2025-58753

Published: Sep 9, 2025

Modified: Sep 10, 2025

PUBLISHED

Description

Copyparty is a portable file server. In versions prior to 1.19.8, there was a missing permission-check in the shares feature (the `shr` global-option). When a share was created for just one file inside a folder, it was possible to access the other files inside that folder by guessing the filenames. It was not possible to descend into subdirectories in this manner; only the sibling files were accessible. This issue did not affect filekeys or dirkeys. Version 1.19.8 fixes the issue.

VendorProductVersions

9001

copyparty

affected
< 1.19.8

Weaknesses (CWE)

CWE-862
CWE-552

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now