ET WEB_SPECIFIC_APPS jsPDF Arbitrary File Read via Path Traversal PDF File Outbound (CVE-2025-68428)

SID: 2066751Rev: 16 views
Sourceet/open
CreatedJanuary 14, 2026
UpdatedJanuary 14, 2026
Classificationweb-application-attack
alert http $HOME_NET any -> any any (msg:"ET WEB_SPECIFIC_APPS jsPDF Arbitrary File Read via Path Traversal PDF File Outbound (CVE-2025-68428)"; flow:established,to_client; file.data; content:"|25|PDF|2d|1|2e|3"; content:"|2f|Producer|20 28|jsPDF|20|"; fast_pattern; pcre:"/^[1-3]\x2e\d+/R"; content:"|2f|Filter|20 2f|DCTDecode|0a 3e 3e 0a|stream|0a|"; pcre:"/^[\x09-\x0d\x20-\x7f]{64,}/R"; reference:url,www.endorlabs.com/learn/cve-2025-68428-critical-path-traversal-in-jspdf; reference:cve,2025-68428; classtype:web-application-attack; sid:2066751; rev:1; metadata:attack_target Server, tls_state TLSDecrypt, created_at 2026_01_14, cve CVE_2025_68428, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Major, tag Exploit, updated_at 2026_01_14, mitre_tactic_id TA0001, mitre_tactic_name Initial_Access, mitre_technique_id T1190, mitre_technique_name Exploit_Public_Facing_Application; target:src_ip;)

References

urlwww.endorlabs.com/learn/cve-2025-68428-critical-path-traversal-in-jspdf
cve2025-68428

Metadata

attack targetServer
tls stateTLSDecrypt
created at2026_01_14
deploymentSSLDecrypt
confidenceHigh
signature severityMajor
tagExploit
updated at2026_01_14
mitre tactic idTA0001
mitre tactic nameInitial_Access
mitre technique idT1190
mitre technique nameExploit_Public_Facing_Application

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!