CVE-2025-2031
Published: 06 March 2025
Description
Adversaries may upload tools to third-party or adversary controlled infrastructure to make it accessible during targeting.
Security Summary
CVE-2025-2031 is a critical vulnerability in ChestnutCMS versions up to 1.5.2, affecting the uploadFile function in the /dev-api/cms/file/upload endpoint. By manipulating the 'file' argument, attackers can achieve unrestricted file upload. The issue maps to CWE-284 (Improper Access Control), CWE-434 (Unrestricted Upload of File with Dangerous Type), and CWE-79 (Cross-site Scripting). It carries a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L) and was published on 2025-03-06.
The vulnerability can be exploited remotely over the network by low-privileged users, with low attack complexity and no user interaction required. Attackers can upload arbitrary files, potentially compromising confidentiality, integrity, and availability, each rated low impact, with scope unchanged.
Advisories and further details are documented in references such as https://github.com/IceFoxH/VULN/issues/6 and VulDB entries (https://vuldb.com/?ctiid.298773, https://vuldb.com/?id.298773, https://vuldb.com/?submit.512029). The exploit has been publicly disclosed and may be actively used.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The unrestricted file upload vulnerability (CVE-2025-2031) in public-facing ChestnutCMS maps to exploitation of a public-facing application (T1190), web shell deployment via uploaded malicious files (T1505.003), and tool staging (T1608.002), as noted in advisories.