CVE-2025-13435 | Dreampie Resty up to 1.3.1.SNAPSHOT HttpClient HttpClient.java request filename path traversal

A vulnerability, which was classified as critical, was found in Dreampie Resty up to 1.3.1.SNAPSHOT. This affects the function Request of the file /resty-httpclient/src/main/java/cn/dreampie/client/HttpClient.java of the component HttpClient Module. Such manipulation of the argument filename leads to path traversal.

This vulnerability is listed as CVE-2025-13435. The attack may be performed from remote. In addition, an exploit is available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More