Path traversal in Google Web Designer's template handling versions prior to 16.3.0.0407 on Windows allows attacker to achieve remote code execution by tricking users into downloading a malicious ad template
References
Link | Resource |
---|---|
https://balintmagyar.com/articles/google-web-designer-path-traversal-client-side-rce-cve-2025-4613 | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
History
01 Aug 2025, 22:07
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
CPE | cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:a:google:web_designer:*:*:*:*:*:*:*:* |
|
CWE | CWE-22 | |
References | () https://balintmagyar.com/articles/google-web-designer-path-traversal-client-side-rce-cve-2025-4613 - Exploit, Third Party Advisory | |
First Time |
Microsoft windows
Microsoft Google web Designer |
|
Summary |
|
12 Jun 2025, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-12 09:15
Updated : 2025-08-01 22:07
NVD link : CVE-2025-4613
Mitre link : CVE-2025-4613
CVE.ORG link : CVE-2025-4613
JSON object : View
Products Affected
microsoft
- windows
- web_designer