Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com

CVE-2025-27210

Description

An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting Windows device names like CON, PRN, and AUX. This vulnerability affects Windows users of `path.join` API.

POC

Reference

No PoCs from references.

Github

- https://github.com/B1ack4sh/Blackash-CVE-2025-27210

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/Sarath-P-2/vulnerability-scan

- https://github.com/absholi7ly/CVE-2025-27210_NodeJS_Path_Traversal_Exploit

- https://github.com/mindeddu/Vulnerable-CVE-2025-27210

- https://github.com/nomi-sec/PoC-in-GitHub

- https://github.com/sharmapintu987654321-boop/Nessus-Scan-Reports