Census CSWeb 8.0.1 Path Traversal Vulnerability (CVE-2025-60946)
CVE-2025-60946 details a vulnerability in Census CSWeb 8.0.1, where arbitrary file path input is permitted, allowing a remote, authenticated attacker to access unintended file directories.
Census CSWeb 8.0.1 is vulnerable to path traversal (CVE-2025-60946). A remote, authenticated attacker can supply arbitrary file path input and access unintended file directories. This allows the attacker to read sensitive files or potentially overwrite existing files, leading to information disclosure or code execution. The vulnerability was reported on March 23, 2026, and is fixed in version 8.1.0 alpha. Defenders should upgrade to the patched version to prevent potential exploitation of this…
Detection coverage 2
Detect Census CSWeb Path Traversal Attempt
highDetects potential path traversal attempts against Census CSWeb by identifying common traversal sequences in web server logs.
Detect Census CSWeb Path Traversal in Request
highDetects path traversal attempts in web requests targeting Census CSWeb by searching for encoded traversal sequences.
Detection queries are kept inside the platform. Get full rules →