CVE-2025-14306

EUVD-2025-201886
A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by submitting specially crafted inputs that manipulate the file path, leading to potential unauthorized file deletions.  https://robo-code.blogspot.com/
Path Traversal
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.1 CRITICAL
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 55%
Affected Products (NVD)
VendorProductVersion
robocoderobocode
1.9.3.6
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
robocode
bionic
Fixed 1.9.3.1-1ubuntu0.1~esm1
released
focal
Fixed 1.9.3.7-1ubuntu0.1~esm1
released
jammy
Fixed 1.9.3.9-2ubuntu0.1~esm1
released
noble
Fixed 1.9.3.9-3ubuntu0.1~esm1
released
plucky
ignored
questing
needed
resolute
Fixed 1.9.3.9-4ubuntu0.26.04.1~esm1
released
xenial
ignored