{"description":"Trending threats, MITRE ATT\u0026CK coverage, and detection metadata. Fed continuously.","feed_url":"https://feed.craftedsignal.io/tags/directory-listing/feed.json","home_page_url":"https://feed.craftedsignal.io/","items":[{"_cs_actors":[],"_cs_cpes":["cpe:2.3:a:dell:powerflex_appliance_intelligent_catalog:*:*:*:*:*:*:*:*","cpe:2.3:a:dell:powerflex_manager:*:*:*:*:*:*:*:*","cpe:2.3:a:dell:powerflex_rack:*:*:*:*:*:*:*:*"],"_cs_cves":[{"cvss":5.3,"id":"CVE-2025-32749"}],"_cs_exploited":false,"_cs_has_poc":false,"_cs_poc_references":[],"_cs_products":["PowerFlex Appliance Intelligent Catalog","PowerFlex Manager","PowerFlex Rack"],"_cs_severities":["medium"],"_cs_tags":["cve-2025-32749","information-disclosure","directory-listing"],"_cs_type":"advisory","_cs_vendors":["Dell"],"content_html":"\u003cp\u003eA directory listing vulnerability exists in Dell PowerFlex Manager versions 4.6.2 and earlier (CVE-2025-32749). This flaw allows an unauthenticated attacker with remote network access to potentially list directories and expose sensitive information. The vulnerability stems from incorrect default permissions (CWE-276) within the application. Successful exploitation could reveal configuration files, credentials, or other sensitive data, potentially aiding further malicious activities. Dell has released security updates to address this vulnerability.\u003c/p\u003e\n\u003ch2 id=\"attack-chain\"\u003eAttack Chain\u003c/h2\u003e\n\u003col\u003e\n\u003cli\u003eThe unauthenticated attacker identifies a vulnerable Dell PowerFlex Manager instance exposed on the network.\u003c/li\u003e\n\u003cli\u003eThe attacker crafts a malicious HTTP request to a specific endpoint on the PowerFlex Manager server that is susceptible to directory listing.\u003c/li\u003e\n\u003cli\u003eThe server, due to incorrect default permissions, responds with a listing of files and directories accessible to the webserver user.\u003c/li\u003e\n\u003cli\u003eThe attacker analyzes the directory listing to identify potentially sensitive files, such as configuration files, log files, or backup files.\u003c/li\u003e\n\u003cli\u003eThe attacker constructs further HTTP requests to retrieve the contents of these sensitive files.\u003c/li\u003e\n\u003cli\u003eThe server, again due to insufficient access controls, serves the requested files to the attacker.\u003c/li\u003e\n\u003cli\u003eThe attacker extracts sensitive information from the exposed files, such as usernames, passwords, API keys, or internal network configurations.\u003c/li\u003e\n\u003cli\u003eThe attacker uses the gathered information to further compromise the PowerFlex Manager instance or other systems on the network.\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2 id=\"impact\"\u003eImpact\u003c/h2\u003e\n\u003cp\u003eSuccessful exploitation of this vulnerability could lead to the exposure of sensitive information, such as usernames, passwords, API keys, and internal network configurations. This information could be used by an attacker to gain unauthorized access to the PowerFlex Manager system, other systems on the network, or sensitive data stored within the PowerFlex environment. The vulnerability affects Dell PowerFlex Appliance Intelligent Catalog, PowerFlex Manager, and PowerFlex Rack products.\u003c/p\u003e\n\u003ch2 id=\"recommendation\"\u003eRecommendation\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eApply the security updates provided by Dell to patch CVE-2025-32749 on affected PowerFlex Manager, PowerFlex Appliance Intelligent Catalog, and PowerFlex Rack installations.\u003c/li\u003e\n\u003cli\u003eDeploy the Sigma rule \u0026ldquo;Detect Potential Directory Listing Attempt via HTTP GET\u0026rdquo; to identify suspicious HTTP requests indicative of directory listing attempts.\u003c/li\u003e\n\u003cli\u003eReview and restrict access permissions on the PowerFlex Manager server to prevent unauthorized access to sensitive files and directories.\u003c/li\u003e\n\u003cli\u003eMonitor web server logs for unusual HTTP requests and responses that could indicate directory traversal or information disclosure attempts.\u003c/li\u003e\n\u003c/ul\u003e\n","date_modified":"2026-05-26T13:31:30Z","date_published":"2026-05-26T13:31:30Z","id":"https://feed.craftedsignal.io/briefs/2026-05-dell-powerflex-directory-listing/","summary":"Dell PowerFlex Manager versions 4.6.2 and earlier contain a directory listing vulnerability (CVE-2025-32749) that allows an unauthenticated remote attacker to expose sensitive information.","title":"Dell PowerFlex Manager Directory Listing Vulnerability (CVE-2025-32749)","url":"https://feed.craftedsignal.io/briefs/2026-05-dell-powerflex-directory-listing/"}],"language":"en","title":"CraftedSignal Threat Feed — Directory-Listing","version":"https://jsonfeed.org/version/1.1"}