SentinelOne
CVE Vulnerability Database
Vulnerability Database/CVE-2025-47273

CVE-2025-47273: Python Setuptools Path Traversal Flaw

CVE-2025-47273 is a path traversal vulnerability in Python Setuptools that allows attackers to write files to arbitrary filesystem locations. This article covers the technical details, affected versions, and mitigation steps.

Updated:

CVE-2025-47273 Overview

setuptools is a package that allows users to download, build, install, upgrade, and uninstall Python packages. A path traversal vulnerability in PackageIndex is present in setuptools prior to version 78.1.1. An attacker would be allowed to write files to arbitrary locations on the filesystem with the permissions of the process running the Python code, which could escalate to remote code execution depending on the context. Version 78.1.1 fixes the issue.

Critical Impact

This vulnerability allows for arbitrary file writing, potentially leading to remote code execution.

Affected Products

  • python setuptools
  • debian debian_linux

Discovery Timeline

  • Not Available - Vulnerability discovered by Not Available
  • Not Available - Responsible disclosure to python
  • Not Available - CVE CVE-2025-47273 assigned
  • Not Available - python releases security patch
  • 2025-05-17 - CVE CVE-2025-47273 published to NVD
  • 2025-06-12 - Last updated in NVD database

Technical Details for CVE-2025-47273

Vulnerability Analysis

The vulnerability resides in the PackageIndex module of setuptools, where an improper input validation allows path traversal. This can enable attackers to manipulate file paths and write arbitrary files onto the filesystem.

Root Cause

The root cause is a path traversal issue in the PackageIndex module that does not properly validate input paths, allowing unauthorized file writing.

Attack Vector

The attack can be carried out over the network, exploiting the Python process executing the vulnerable setuptools version.

python
# Example exploitation code (sanitized)
import requests

url = "http://victim.com/vulnerable/path"
data = {'path': '../../../../etc/passwd'}
response = requests.post(url, data=data)
print(response.status_code)

Detection Methods for CVE-2025-47273

Indicators of Compromise

  • Unusual file write operations on the filesystem
  • Unexpected changes in files with sensitive data
  • Suspicious network requests with path traversal patterns

Detection Strategies

Utilize file integrity monitoring to detect unauthorized file changes and network monitoring to identify suspicious requests.

Monitoring Recommendations

Implement host-based intrusion detection systems (HIDS) to alert on any unauthorized file write attempts and configure network security controls to log path traversal attempts in URLs.

How to Mitigate CVE-2025-47273

Immediate Actions Required

  • Upgrade setuptools to version 78.1.1 or later
  • Conduct a security audit of systems using affected setuptools versions
  • Disable unnecessary network access to systems running the vulnerable software

Patch Information

Refer to the official GitHub commit for details about the patch.

Workarounds

Restrict file write permissions of processes running Python code and verify all user inputs thoroughly to prevent path traversal.

bash
# Configuration example
chmod -R o-w /path/to/sensitive/files

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Experience the World’s Most Advanced Cybersecurity Platform

Experience the World’s Most Advanced Cybersecurity Platform

See how our intelligent, autonomous cybersecurity platform can protect your organization now and into the future.

Try SentinelOne