WhoDB Critical Vulnerability - 20250211001

Overview

A critical vulnerability has been noted in WhoDB due to a lack of path traversal prevention when opening SQLite3 databases. While WhoDB is designed to only display SQLite3 databases within a specific directory, an attacker can exploit this flaw to open any SQLite3 database on the host machine.

What is vulnerable?

Product(s) Affected	Version(s)	CVE	CVSS	Severity
WhoDB on Sqlite3	0.45.0 and prior	CVE-2025-24786	10.0	Critical

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of 48 hours... (refer Patch Management):

• WhoDB: https://github.com/clidey/whodb/security/advisories/GHSA-9r4c-jwx3-3j76

Additional References

• SecurityOnline: https://securityonline.info/cve-2025-24786-cvss-10-cve-2025-24787-critical-whodb-vulnerabilities/