CVE-2025-44137 Scanner

MapTiler Tileserver-php is a software application that is widely utilized for serving map tiles over the internet. It is primarily used by developers and organizations in the geospatial industry to create and publish maps on websites. The software allows users to serve vector tiles and raster tiles through simple HTTP requests. Its ability to integrate with various map styles and layers makes it a popular choice for organizations looking to deliver interactive mapping experiences. MapTiler Tileserver-php is often used in conjunction with services like OpenStreetMap to provide comprehensive geospatial data to end-users. As an essential tool in web mapping, its reliability and security are paramount to maintaining data integrity and user trust.

The Arbitrary File Read vulnerability in MapTiler Tileserver-php is a critical issue that stems from inadequate input validation within the application. By leveraging directory traversal techniques, attackers can craft requests that access unintended files on the server. This vulnerability allows unauthorized users to read sensitive files outside the intended directory, exposing confidential information. The core of the issue lies in the improper sanitization of GET parameters within specific functions of the software. When exploited, it can lead to significant security breaches by revealing passwords, configuration files, or other critical data. Timely remediation is essential to mitigate potential risks associated with this vulnerability.

Technical details of this vulnerability reveal that it allows for directory traversal, facilitating unauthorized access to server files. The vulnerability is especially critical when attackers manipulate a specific endpoint and parameters in the application notably the 'renderTile' function. By constructing a malicious GET request, they can traverse directories within the server file system. The request manipulates a filename format, which bypasses normal safety checks and exposes system files like '/etc/passwd'. The scope of the vulnerability extends to any file that the application's service account can read, increasing the risk of data exposure. This makes the issue particularly dangerous, given the potentially sensitive nature of accessible files.

If exploited, the Arbitrary File Read vulnerability can lead to severe consequences for affected systems. Attackers gain the capability to access private data stored on the server, which might include user credentials, API keys, and other sensitive information. Such data exposure could enable further attacks, such as identity theft or unauthorized access to other services. Organizations may suffer from reputational damage and financial loss due to data breaches. Additionally, the exploit can undermine users' trust in the service, compelling organizations to address the issue swiftly to maintain operational integrity and customer confidence.

REFERENCES

• https://nvd.nist.gov/vuln/detail/CVE-2025-44137
• https://github.com/mheranco/CVE-2025-44137