CVE-2025-66645 in nicegui
Summary
by MITRE • 12/10/2025
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 01/09/2026
The vulnerability identified as CVE-2025-66645 affects NiceGUI, a Python-based web user interface framework that enables developers to create interactive applications using pure Python code. This security flaw exists within the App.add_media_files() function and represents a critical directory traversal vulnerability that can be exploited by remote attackers to access arbitrary files on the server filesystem. The affected versions include all releases up to and including 3.3.1, with the issue being resolved in version 3.4.0. This vulnerability falls under the Common Weakness Enumeration category CWE-22, which specifically addresses improper limitation of a pathname to a restricted directory, commonly known as path traversal or directory traversal attacks. The vulnerability allows attackers to manipulate file paths and access sensitive information that should remain protected within the server's file system.
The technical implementation of this vulnerability stems from insufficient input validation and sanitization within the App.add_media_files() function. When developers use this function to serve media files, the framework fails to properly validate user-supplied file paths, allowing malicious actors to craft specially crafted requests that can traverse the file system hierarchy. Attackers can exploit this weakness by submitting malicious file path parameters that include directory traversal sequences such as "../" or "..\\" to navigate beyond the intended media directory. This flaw enables unauthorized access to sensitive files including configuration files, source code, database files, and other system resources that should remain isolated from external access. The vulnerability is particularly dangerous because it can be exploited remotely without requiring authentication, making it an attractive target for automated exploitation tools and malicious actors seeking to compromise server environments.
The operational impact of this vulnerability extends beyond simple information disclosure, as it provides attackers with potential access to critical system resources that could lead to further compromise of the affected environment. Remote attackers can leverage this vulnerability to read sensitive files such as database connection strings, API keys, application secrets, and other confidential information that could be used to escalate privileges or conduct additional attacks. The attack surface is particularly concerning in environments where NiceGUI applications are deployed on servers with access to sensitive data repositories or where the application runs with elevated privileges. This vulnerability aligns with ATT&CK technique T1566, which describes social engineering tactics that can be used to gain initial access, and T1083, which covers file and directory discovery techniques. Organizations running affected versions of NiceGUI are at risk of data breaches, system compromise, and potential regulatory violations depending on the nature of the exposed data.
Mitigation strategies for this vulnerability begin with immediate upgrade to version 3.4.0 or later, which includes proper input validation and path sanitization mechanisms. Organizations should also implement network-level restrictions to limit access to the application's media serving endpoints and consider implementing additional security controls such as web application firewalls that can detect and block malicious path traversal attempts. Security teams should conduct comprehensive vulnerability assessments to identify any instances of the vulnerable function being used in production environments and ensure that all file paths are properly validated before processing. Additionally, implementing principle of least privilege for the application's file system access and regular monitoring of file access logs can help detect potential exploitation attempts. The fix implemented in version 3.4.0 addresses the core issue by introducing proper path validation that prevents directory traversal sequences from being processed, thereby eliminating the attack vector that enabled this vulnerability. Organizations should also consider implementing automated security scanning tools that can detect similar patterns in custom code implementations that might use similar file handling mechanisms.