CVE-2025-0364
Published: 04 February 2025
Description
Adversaries may backdoor web servers with web shells to establish persistent access to systems.
Security Summary
CVE-2025-0364 affects BigAntSoft BigAnt Server versions up to and including 5.6.06, enabling unauthenticated remote code execution through an exposed account registration mechanism. The vulnerability stems from the default SaaS registration feature, which allows attackers to create administrative accounts without authentication. It has a CVSS v3.1 base score of 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-288 (Authentication Bypass Using an Alternate Path or Channel). Published on 2025-02-04, this flaw permits escalation to full server compromise.
An unauthenticated remote attacker can exploit this by registering a new administrative user through the publicly accessible SaaS registration endpoint. With those admin privileges, the attacker then uses the "Cloud Storage Addin" to upload arbitrary PHP code, which the server executes, yielding remote code execution on the host. No user interaction or prior privileges are required, so the flaw is exploitable over the network with low complexity.
Advisories detailing mitigation are available from VulnCheck at https://vulncheck.com/advisories/big-ant-upload-rce, along with a proof-of-concept at https://github.com/vulncheck-oss/cve-2025-0364. Security practitioners should consult these resources for patch information, workarounds, or configuration changes to disable the exposed registration mechanism.
Details
- CWE(s): CWE-288 (Authentication Bypass Using an Alternate Path or Channel)
- Affected Products: BigAntSoft BigAnt Server, versions up to and including 5.6.06
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability enables unauthenticated creation of local admin accounts (T1136.001), exploitation of the public-facing chat server application (T1190), and deployment and execution of web shells via arbitrary PHP file upload through the Cloud Storage Addin (T1505.003).