Published: June 2024
Severity: High
Component: setuptools (before 78.1.1)
Exploit Type: Path Traversal (Write Arbitrary Files / Possible Remote Code Execution)
Introduction
Python developers worldwide rely on setuptools for everything from installing dependencies to managing package distribution. But beneath the ease of pip install magic, a critical flaw lay dormant. In June 2024, a severe path traversal vulnerability was discovered and designated CVE-2025-47273. If left unpatched, it enables an attacker to write arbitrary files anywhere on your system—a stepping stone to system compromise. This post breaks down how it works, how to exploit it, and how to secure your environments.
What is setuptools?
setuptools is a widely used library that helps users download, build, install, upgrade, and uninstall Python packages. Tools like pip depend on it for managing packages from sources like PyPI, GitHub, or local directories.
The Vulnerability: Path Traversal in PackageIndex
The vulnerability sits in how setuptools parses and stores package files, especially when downloading archives or handling filenames from less reliable sources.
Older versions trusted file paths provided inside package archives without checking for directory traversal. For example, a filename like ../../../../etc/passwd in a zip or tar file could trick setuptools into writing a file outside the intended directory, potentially overwriting system files or dropping malicious scripts.
Affected code snippet (simplified)
# Vulnerable logic before patch
import zipfile

def unpack_and_save(archive_file, extract_dir):
    with zipfile.ZipFile(archive_file, 'r') as zip_ref:
        zip_ref.extractall(extract_dir)  # Does NOT correctly sanitize paths!
An attacker could craft a malicious package archive containing files with names like ../../../tmp/evil.py. When a target downloads and installs this package (perhaps even indirectly as a dependency), those files may end up wherever the attacker wants—anywhere that the installer process has write permissions.
How Bad Can It Be?
If a package is installed by a system administrator, arbitrary files might be written as root. Even for user installs, code could land in sensitive places (e.g., ~/.ssh/authorized_keys, replacing scripts in PATH, etc.). In some situations, this leads to Remote Code Execution (RCE).
Step 1: Craft the Malicious Package
Suppose an attacker uploads a package, say badpkg.zip, containing
../../../tmp/hacked.txt
../../../home/user/.bashrc
legit_module/__init__.py
They set up this structure using
import zipfile

def create_evil_package():
    with zipfile.ZipFile('badpkg.zip', 'w') as zipf:
        zipf.writestr('../../../tmp/hacked.txt', 'You got owned!\n')
        zipf.writestr('legit_module/__init__.py', '# benign code\n')

create_evil_package()
Step 2: Target Installs the Package
If the target uses an old setuptools (< 78.1.1) to install this package (directly or as a dependency), files end up in /tmp/hacked.txt and possibly overwrite ~/.bashrc.
Result: The attacker has written files anywhere writable by the Python process.
Real attackers might drop backdoors or plant commands in bashrc, .profile, or cron jobs.
Patch and How to Protect Yourself
Fixed in: setuptools 78.1.1 released June 2024.
The patch strengthens archive handling by properly normalizing file paths and rejecting anything that would escape the extraction directory.
Fixed code (simplified)
# Secure extraction: resolve every member path and reject anything that escapes dest
import os

def safe_extract(zip_file, dest):
    # Work with an absolute destination so a relative dest cannot defeat the check
    dest_abs = os.path.abspath(dest)
    for member in zip_file.namelist():
        # Resolve the member against the destination, collapsing any '..' components
        target_path = os.path.abspath(os.path.join(dest_abs, member))
        # Check for path traversal: the resolved path must lie inside dest itself,
        # not merely share a string prefix with it (e.g. /tmp/out vs /tmp/out2)
        if os.path.commonpath([dest_abs, target_path]) != dest_abs:
            raise ValueError("Unsafe archive: path traversal detected!")
        zip_file.extract(member, dest_abs)
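The guard above is easy to get subtly wrong: a bare startswith() comparison accepts /tmp/out2 as "inside" /tmp/out, a relative destination never matches an absolute prefix, and absolute member names need their own rule. The following is an added, self-contained example (not setuptools' own code) that audits an in-memory archive before extracting it. The member names in build_sample_archive() are constructed test data that mirror the names used earlier in this post; all function names are this example's own.

```python
# Added example: audit every archive member before extraction and refuse the
# whole archive if any member would land outside the destination directory.
import io
import os
import shutil
import tempfile
import zipfile


def member_escapes(dest, member):
    """Return True if extracting `member` under `dest` would escape `dest`.

    Absolute paths and os.path.commonpath handle the cases a naive
    startswith() check gets wrong: relative `dest`, sibling directories that
    share a prefix (/tmp/out vs /tmp/out2), and '..' buried mid-path.
    """
    dest_abs = os.path.abspath(dest)
    # Absolute or drive-qualified member names are never acceptable.
    if os.path.isabs(member) or os.path.splitdrive(member)[0]:
        return True
    target = os.path.abspath(os.path.join(dest_abs, member))
    try:
        return os.path.commonpath([dest_abs, target]) != dest_abs
    except ValueError:
        # Different drives (Windows): definitely outside the destination.
        return True


def audit_archive(zip_bytes, dest):
    """Return the member names that would escape `dest` (empty list = clean)."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return [m for m in zf.namelist() if member_escapes(dest, m)]


def safe_extract_all(zip_bytes, dest):
    """Audit the complete member list first, then extract; never partially extract."""
    bad = audit_archive(zip_bytes, dest)
    if bad:
        raise ValueError(f"unsafe archive, traversal members: {bad}")
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        zf.extractall(dest)
        return zf.namelist()


def build_sample_archive():
    """Constructed in-memory archive with the member names discussed in the post."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("legit_module/__init__.py", "# benign code\n")
        zf.writestr("../../../tmp/hacked.txt", "constructed sample\n")
        zf.writestr("/etc/constructed_absolute.txt", "constructed sample\n")
    return buf.getvalue()


def build_benign_archive():
    """Constructed clean archive: only a normal package layout."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("legit_module/__init__.py", "# benign code\n")
        zf.writestr("legit_module/../legit_module/util.py", "# resolves inside dest\n")
    return buf.getvalue()


def demo_extract(zip_bytes):
    """Extract into a fresh temp dir; return (ok, extracted names or error text)."""
    dest = tempfile.mkdtemp(prefix="safe_extract_")
    try:
        return True, safe_extract_all(zip_bytes, dest)
    except ValueError as exc:
        return False, str(exc)
    finally:
        shutil.rmtree(dest, ignore_errors=True)


if __name__ == "__main__":
    print("flagged:", audit_archive(build_sample_archive(), "out"))
    print("benign:", demo_extract(build_benign_archive()))
```

Auditing the whole member list before writing anything matters: a per-member check that extracts as it goes leaves a half-extracted tree behind when the bad member is not the first one.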
Update Immediately!
pip install --upgrade 'setuptools>=78.1.1'
Or, for the system Python:
python -m pip install --upgrade 'setuptools>=78.1.1'
If you run CI/CD, containers, or cloud deployments, check your images for old setuptools versions.
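For CI pipelines and container images it helps to have a check that fails the build when the interpreter's setuptools is older than the fixed release. This is an added example, not tooling from the advisory or from setuptools; the 78.1.1 threshold comes from this post, and the version-parsing rule (a trailing pre-release tag such as rc1 sorts before the final release, a .post or local suffix does not) is this example's own assumption.

```python
# Added example: flag a setuptools version below the fixed release (78.1.1).
import re
from importlib import metadata

FIXED_VERSION = (78, 1, 1)  # first release with the fix, per the advisory
_VERSION_RE = re.compile(r"^(\d+)(?:\.(\d+))?(?:\.(\d+))?")


def version_key(version_str):
    """Map a version string to a comparable tuple (major, minor, patch, is_final).

    Assumed rule: any trailing pre-release tag ('rc1', 'a2', '.dev3') makes the
    version sort *before* the final release of the same number, while a
    '.postN' or '+local' suffix counts as the final release.
    """
    text = version_str.strip()
    m = _VERSION_RE.match(text)
    if not m:
        raise ValueError(f"unrecognised version string: {version_str!r}")
    nums = tuple(int(g or 0) for g in m.groups())
    remainder = text[m.end():]
    is_final = 1 if remainder == "" or remainder.startswith((".post", "+")) else 0
    return nums + (is_final,)


def is_vulnerable(version_str):
    """True when the version is strictly below the first fixed release."""
    return version_key(version_str) < FIXED_VERSION + (1,)


def installed_setuptools_status():
    """Return (version or None, vulnerable flag) for the running interpreter."""
    try:
        installed = metadata.version("setuptools")
    except metadata.PackageNotFoundError:
        return None, False
    return installed, is_vulnerable(installed)


if __name__ == "__main__":
    import sys
    version, vulnerable = installed_setuptools_status()
    if version is None:
        print("setuptools not installed in this interpreter")
    else:
        print(f"setuptools {version}: {'VULNERABLE' if vulnerable else 'ok'}")
    # Non-zero exit so a CI step fails on an unpatched image.
    sys.exit(1 if vulnerable else 0)
```

Run it with the same interpreter the image actually uses (for example `python3 -m` inside the container), since a host-side check says nothing about what is baked into the image.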
References
- GitHub Security Advisory GHSA-xxxx-x-x
- Release notes 78.1.1
- NVD CVE-2025-47273
Summary
CVE-2025-47273 is a high severity path traversal vulnerability in setuptools (<78.1.1) that lets attackers write files to any location the installer process can access. Python developers and operators should upgrade setuptools everywhere as soon as possible.
Timeline
Published on: 05/17/2025 16:15:19 UTC
Last modified on: 05/28/2025 15:15:25 UTC