Critical React Router Vulnerability Let Attackers Access or Modify Server Files

Posted on January 12, 2026 by CWS

Security researchers have identified critical vulnerabilities in React Router that allow attackers to access or modify server files via directory traversal.

The issues affect several packages within the React Router ecosystem and carry a CVSS v3 score of 9.8, classifying them as critical severity.

| CVE ID | Severity | Attack Vector | Flaw Type |
|---|---|---|---|
| CVE-2025-61686 | Critical (9.8) | Network | Remote Code Execution / DoS |

Unauthorized File Access Vulnerability

The first vulnerability, tracked as CVE-2025-61686, exists in the createFileSessionStorage() function when used with unsigned cookies.

Attackers can manipulate session cookies to force the application to read or write files outside the designated session directory.

Several packages within the React Router and Remix ecosystem are impacted:

| Package Name | Affected Versions |
|---|---|
| @react-router/node | 7.0.0 through 7.9.3 |
| @remix-run/deno | 2.17.1 and earlier |
| @remix-run/node | 2.17.1 and earlier |

The vulnerability enables directory traversal attacks through malicious session cookies.

While attackers cannot directly retrieve file contents, successful exploitation enables:

  • Reading files that match session file format specifications.
  • Modifying session data that could be returned by application logic.
  • Potentially accessing sensitive configuration files, depending on server permissions.

The attack's effectiveness depends on web server process permissions and file system access controls.

Developers should immediately upgrade to patched versions:

| Package Name | Safe Version (Fixed) |
|---|---|
| @react-router/node | 7.9.4 or later |
| @remix-run/deno | 2.17.2 or later |
| @remix-run/node | 2.17.2 or later |

The security patch addresses the directory traversal vulnerability by implementing proper path validation and sanitization within the session storage mechanism.
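As an added illustration (not React Router's or Remix's actual code), the sketch below contrasts a file-backed session store that joins a cookie-supplied ID straight onto its directory with one that allow-lists the ID and verifies containment. The function names, the hex ID format and the sample paths are assumptions made for this example.

```javascript
const path = require("node:path");

// Assumed ID format for this sketch: at least 16 lowercase hex characters.
const SESSION_ID_RE = /^[0-9a-f]{16,}$/;

// Naive mapping: trusts an ID read from an unsigned cookie.
function naiveSessionPath(dir, id) {
  return path.join(dir, id);
}

// True only if `candidate` resolves to a location strictly below `root`.
// Uses path.relative rather than a string prefix test, so a sibling such
// as "/var/app/sessions-old" is not mistaken for "/var/app/sessions".
function isInside(root, candidate) {
  const rel = path.relative(path.resolve(root), path.resolve(candidate));
  if (rel === "" || path.isAbsolute(rel)) return false;
  return rel !== ".." && !rel.startsWith(".." + path.sep);
}

// Hardened mapping: allow-list the ID first, then confirm containment.
// Returns null for anything that should be treated as "no session".
function safeSessionPath(dir, id) {
  if (typeof id !== "string" || !SESSION_ID_RE.test(id)) return null;
  const candidate = path.resolve(dir, id);
  return isInside(dir, candidate) ? candidate : null;
}

// Constructed sample values.
const SESSION_DIR = "/var/app/sessions";
const GOOD_ID = "0123456789abcdef";
const TRAVERSAL_ID = "../../etc/app.conf";
```

Signing the session cookie closes the same gap one step earlier, because a tampered ID then fails signature verification before it is ever turned into a path.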

According to the GitHub Advisory, organizations using affected versions of React Router should:

  • Immediately upgrade to patched versions.
  • Review server file permissions and access controls.
  • Audit session storage implementations for unsigned cookie usage.
  • Monitor for suspicious session cookie patterns.
  • Implement additional file-system restrictions where feasible.
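To support the upgrade step, here is an added example (not taken from the advisory) that walks the `packages` map of a `package-lock.json` (lockfileVersion 2 or 3) and flags installs that fall inside the affected ranges listed in this article, including copies nested under other dependencies. The sample lockfile fragment is constructed, and version comparison ignores prerelease suffixes.

```javascript
// Affected ranges and fixed versions as listed in the article's tables.
const ADVISORY = new Map([
  ["@react-router/node", { min: "7.0.0", max: "7.9.3", fixed: "7.9.4" }],
  ["@remix-run/deno", { min: "0.0.0", max: "2.17.1", fixed: "2.17.2" }],
  ["@remix-run/node", { min: "0.0.0", max: "2.17.1", fixed: "2.17.2" }],
]);

// Compare MAJOR.MINOR.PATCH numerically; prerelease/build suffixes are ignored.
function cmp(a, b) {
  const pa = a.split(/[-+]/)[0].split(".").map(Number);
  const pb = b.split(/[-+]/)[0].split(".").map(Number);
  for (let i = 0; i < 3; i++) {
    const d = (pa[i] || 0) - (pb[i] || 0);
    if (d !== 0) return Math.sign(d);
  }
  return 0;
}

// Return every installed copy of an affected package, top-level or nested.
function findAffected(lock) {
  const hits = [];
  for (const [key, meta] of Object.entries(lock.packages || {})) {
    const i = key.lastIndexOf("node_modules/");
    if (i === -1 || typeof meta.version !== "string") continue;
    const name = key.slice(i + "node_modules/".length);
    const adv = ADVISORY.get(name);
    if (!adv) continue;
    if (cmp(meta.version, adv.min) >= 0 && cmp(meta.version, adv.max) <= 0) {
      hits.push({ path: key, name, version: meta.version, fixed: adv.fixed });
    }
  }
  return hits;
}

// Constructed sample lockfile fragment (not from a real project).
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app" },
    "node_modules/@react-router/node": { version: "7.9.3" },
    "node_modules/@remix-run/node": { version: "2.17.2" },
    "node_modules/legacy/node_modules/@remix-run/node": { version: "2.16.0" },
    "node_modules/react-router": { version: "7.9.3" },
  },
};
```

In practice, pass the parsed contents of the project's own lockfile to `findAffected` and treat any hit as needing the listed fixed version or later.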
