4

CVSS Score

3.1

-

CVSS Score

Basic Information

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-65713

CVE-2025-65713: Home Assistant Core before is vulnerable to Directory Traversal

Home Assistant Core before v2025.8.0 is vulnerable to Directory Traversal. The Downloader integration does not fully validate file paths during concatenation, leaving a path traversal vulnerability.

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-65713

CVE-2025-65713:

4

CVSS Score

3.1

-

CVSS Score

Basic Information

Technical Details

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
homeassistant	pip	< 2025.8.0	2025.8.0

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The analysis of the provided pull request and its associated commits clearly indicates a path traversal vulnerability within the downloader component of Home Assistant Core. The vulnerability existed in the download_file service, which is handled by the download_file function in homeassistant/components/downloader/services.py. The commits from the pull request show that the fix involved adding stricter validation to the user-provided subdir parameter. Specifically, commit 41342be86844a590762a08bb3df55aa445258c0f introduced checks to ensure the subdir is not an absolute path and uses raise_if_invalid_path to prevent directory traversal attacks. The lack of these checks in the previous version of the code is the root cause of the vulnerability. The download_file function is the direct entry point for the malicious input and is where the path concatenation would occur, making it the primary vulnerable function.

Vulnerable functions

homeassistant.components.downloader.services.download_file

homeassistant/components/downloader/services.py

The `download_file` function in `homeassistant/components/downloader/services.py` is vulnerable to path traversal. It takes a `subdir` parameter from a service call, which is then used to construct a file path for a download. Before the patch, there was insufficient validation of the `subdir` value. An attacker could provide a malicious `subdir` value (e.g., an absolute path or a path with `../`) to cause a file to be written to an arbitrary location on the filesystem, outside of the intended download directory. The patch adds checks to ensure the `subdir` is a relative path and does not contain traversal sequences.

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

4

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-65713: Home Assistant Core before is vulnerable to Directory Traversal

CVE-2025-65713:

4

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Technical Details

4

4

CVE-2025-65713: Home Assistant Core before is vulnerable to Directory Traversal

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI