CVE-2025-66645 Overview
CVE-2025-66645 is a directory traversal vulnerability affecting NiceGUI, a Python-based UI framework developed by Zauberzeug. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This vulnerability enables unauthorized access to sensitive server-side files without requiring authentication.
Critical Impact
Remote attackers can exploit this directory traversal flaw to read arbitrary files from the server filesystem, potentially exposing configuration files, credentials, source code, and other sensitive data.
Affected Products
- Zauberzeug NiceGUI versions 3.3.1 and below
- Applications using the App.add_media_files() function with user-controllable paths
- Web applications built with vulnerable NiceGUI versions exposing media file endpoints
Discovery Timeline
- 2025-12-09 - CVE-2025-66645 published to NVD
- 2025-12-19 - Last updated in NVD database
Technical Details for CVE-2025-66645
Vulnerability Analysis
This directory traversal vulnerability (CWE-22) exists in the App.add_media_files() function within NiceGUI's application handling code. The vulnerability allows network-based exploitation without any privileges or user interaction, resulting in complete confidentiality compromise of server-side files.
The vulnerable function creates a route handler that serves files from a specified local directory. However, in versions 3.3.1 and below, the code failed to properly validate that the requested filepath remained within the intended directory boundary, allowing attackers to traverse outside the designated directory using sequences like ../.
Root Cause
The root cause lies in insufficient path validation when constructing the file path to serve. The original code directly concatenated the local directory with the user-supplied filename without verifying that the resulting path remained within the intended directory. This allowed attackers to use path traversal sequences (../) to escape the media directory and access arbitrary files on the filesystem.
Attack Vector
An attacker can exploit this vulnerability by sending crafted HTTP requests to endpoints created by App.add_media_files(). By including directory traversal sequences in the filename parameter, the attacker can navigate outside the intended media directory and read sensitive files such as /etc/passwd, application configuration files, or other sensitive data accessible to the web server process.
"""
@self.get(url_path.rstrip('/') + '/{filename:path}') # NOTE: prevent double slashes in route pattern
def read_item(request: Request, filename: str, nicegui_chunk_size: int = 8192) -> Response:
- filepath = Path(local_directory) / filename
- if not filepath.is_file():
+ local_dir = Path(local_directory).resolve()
+ filepath = (local_dir / filename).resolve()
+ if not filepath.is_relative_to(local_dir) or not filepath.is_file():
raise HTTPException(status_code=404, detail='Not Found')
return get_range_response(filepath, request, chunk_size=nicegui_chunk_size)
Source: GitHub Commit Update
Detection Methods for CVE-2025-66645
Indicators of Compromise
- HTTP requests containing path traversal sequences (../, ..%2f, ..%252f) targeting media file endpoints
- Access logs showing requests for sensitive system files like /etc/passwd, /etc/shadow, or application configuration files
- Unusual file access patterns in web server logs indicating reconnaissance activity
- Failed access attempts for files outside the expected media directory structure
Detection Strategies
- Implement web application firewall (WAF) rules to detect and block path traversal patterns in URL paths
- Monitor application logs for requests containing ../ sequences or URL-encoded variants
- Deploy SentinelOne Singularity platform for real-time detection of file access anomalies and exploitation attempts
- Enable verbose logging for NiceGUI applications to capture all file access requests
Monitoring Recommendations
- Configure alerting for any access attempts to sensitive system files through web application endpoints
- Implement file integrity monitoring on critical system files that could be targeted
- Review web server access logs regularly for path traversal indicators
- Monitor network traffic for unusual data exfiltration patterns following exploitation
How to Mitigate CVE-2025-66645
Immediate Actions Required
- Upgrade NiceGUI to version 3.4.0 or later immediately
- Audit existing applications using App.add_media_files() for potential exposure
- Review access logs for signs of prior exploitation attempts
- Implement network segmentation to limit access to vulnerable application servers
Patch Information
The vulnerability has been fixed in NiceGUI version 3.4.0. The fix implements proper path validation by resolving both the local directory and the constructed filepath to their canonical forms, then verifying that the filepath remains within the local directory boundary using Python's Path.is_relative_to() method. For detailed patch information, see the GitHub Security Advisory and the GitHub Commit Update.
Workarounds
- If immediate upgrade is not possible, disable or remove endpoints created with App.add_media_files() until patching is complete
- Implement reverse proxy rules to filter path traversal sequences from incoming requests
- Restrict network access to the NiceGUI application to trusted IP addresses only
- Consider running the application in a containerized environment with limited filesystem access
# Upgrade NiceGUI to the patched version
pip install --upgrade nicegui>=3.4.0
# Verify installed version
pip show nicegui | grep Version
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.
