Path Traversal in Ni Flexlogger
CVE-2025-2449
NI FlexLogger usiReg URI File Parsing Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to create arbitrary files on affected installations of NI FlexLogger. User interaction is required to…
Vulnerability class: Path Traversal (Directory Traversal)
EPSS: 0.197 (95.6th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 7.8 (High). Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.
Affected products
- Ni Flexlogger — versions 2024 Q1
Weakness classification (CWE)
References
- ZDI-25-146 (x_research-advisory)
Frequently asked questions
- What is CVE-2025-2449?
- CVE-2025-2449 is a high-severity vulnerability in Ni Flexlogger, classified under Path Traversal. CVSS score: 7.8/10. Published 2025-03-18.
- How severe is CVE-2025-2449?
- High severity. CVSS v3 base score is 7.8 out of 10.