CVE-2025-66687 in Doom Launcher
Summary
by MITRE • 03/16/2026
Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files
If you want to get best quality of vulnerability data, you may have to visit VulDB.
Analysis
by VulDB Data Team • 03/21/2026
The vulnerability identified as CVE-2025-66687 affects Doom Launcher version 3.8.1.0 and represents a critical directory traversal flaw that stems from inadequate input validation during the extraction process of game files. This weakness allows malicious actors to manipulate file paths and potentially access or overwrite files outside the intended directory structure. The vulnerability resides in the launcher's handling of compressed game archives where proper sanitization of file paths is not implemented, creating an avenue for attackers to exploit the software's extraction mechanism. Such flaws typically occur when applications fail to properly validate or sanitize user-supplied paths before processing them, leading to unauthorized access to system resources. The issue manifests when the launcher extracts files from compressed archives without adequately checking the integrity of file paths, enabling attackers to specify arbitrary locations for file placement. This type of vulnerability falls under the CWE-22 category, which specifically addresses directory traversal or path traversal attacks that allow attackers to access files and directories outside the intended scope. The vulnerability is particularly concerning in gaming contexts where launcher applications often have elevated privileges and may be used to manage game installations, updates, and configurations. Attackers could leverage this weakness to install malicious files in system directories, overwrite critical game components, or access sensitive user data stored within the application's directory structure.
The operational impact of this vulnerability extends beyond simple unauthorized file access and can potentially lead to complete system compromise. When exploited, the directory traversal flaw enables attackers to place malicious code in critical system locations, potentially allowing for privilege escalation or persistent access. The attack surface is particularly dangerous because gaming launchers often run with elevated permissions to manage game installations and updates, making successful exploitation more impactful. An attacker could manipulate the extraction process to place backdoors, trojans, or other malicious components in system directories, effectively creating a persistent threat vector. Additionally, the vulnerability could be used to corrupt game files or install modified versions of legitimate game components, potentially leading to game instability or complete system compromise. The flaw particularly affects users who download games from untrusted sources, as the malicious extraction process could occur without user knowledge or consent. This vulnerability is classified under the ATT&CK technique T1059.007 for command and scripting interpreter, where attackers might leverage the compromised launcher to execute malicious code through modified game files. The attack chain typically involves preparing a malicious archive with specially crafted file paths that, when extracted by the vulnerable launcher, will place files in unintended locations. The exploitation process requires minimal user interaction and can occur silently during routine game installation or update processes, making detection and prevention particularly challenging.
Mitigation strategies for CVE-2025-66687 must address both the immediate vulnerability and broader security practices within the gaming ecosystem. The primary recommendation involves implementing robust input validation and sanitization of file paths during the extraction process, ensuring that all paths are properly normalized and checked against allowed directories. Software vendors should enforce strict path validation that prevents traversal characters from being processed, particularly when handling user-supplied archives. Users should be advised to only download game files from trusted sources and to verify the integrity of downloaded archives before installation. The implementation of proper access controls and privilege separation can significantly reduce the impact of successful exploitation attempts. Security patches should include comprehensive sanitization of file paths, including checking for directory traversal sequences such as double dots, forward slashes, and backslashes. Organizations should implement monitoring solutions that can detect unusual file operations or extraction patterns that might indicate exploitation attempts. Additionally, the use of application whitelisting and sandboxing techniques can help contain the potential impact of successful attacks. The vulnerability underscores the importance of secure coding practices and proper input validation, particularly in applications that handle user-supplied data or execute system operations. Regular security assessments and vulnerability scanning should be conducted to identify similar issues in related software components. System administrators should maintain current versions of gaming launchers and apply security updates promptly to protect against known vulnerabilities. The implementation of automated security controls and regular security training for users can further reduce the risk of exploitation through social engineering or malicious file delivery methods.