CVE-2025-58173 - FreshRSS vulnerable to authenticated RCE via path traversal inside include()

CVE ID: CVE-2025-58173
Published: 15 Dec 2025, 11:07 p.m.
Description: FreshRSS is a self-hosted RSS feed aggregator. In versions 1.23.0 through 1.27.0, a path traversal in the `language` user configuration parameter makes it possible to call `install.php` and perform various administrative actions as an unprivileged user. These actions include logging in as the admin, creating a new admin user, or pointing the database configuration at an attacker-controlled MySQL server and abusing it to execute code in FreshRSS by setting malicious feed `curl_params` inside the `feed` table. Version 1.27.1 fixes the issue.
Severity: 0.0 | NA

CVE Details

Affected Product: php
Impact: path traversal

Source: Telegram CVE Monitor