CVE-2025-54418
BaseFortify
Publication date: 2025-07-28
Last updated on: 2025-08-05
Assigner: GitHub, Inc.
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| codeigniter | codeigniter | From 4.0.0 (inc) to 4.6.2 (exc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-78 | The product constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-54418 is a critical command injection vulnerability in the CodeIgniter4 PHP framework's ImageMagick image handler. It occurs when applications use ImageMagick for image processing and allow user-controlled filenames during file uploads processed by the resize() method, or user-controlled text content or options in the text() method. An attacker can exploit this by uploading files with malicious filenames containing shell metacharacters or by supplying malicious text content, causing arbitrary operating system commands to be executed during image processing. This happens because user inputs are not properly sanitized or escaped before being incorporated into shell commands. [1, 3]
How can this vulnerability impact me?
This vulnerability can lead to unauthorized execution of arbitrary operating system commands with the privileges of the web application. An attacker can exploit it remotely without any privileges or user interaction, potentially compromising the confidentiality, integrity, and availability of the affected system. This could result in data theft, data loss, system takeover, or disruption of services. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious file uploads with filenames containing shell metacharacters or by analyzing image processing operations that use the ImageMagick handler with user-controlled inputs. Detection can involve checking logs for unusual command executions triggered by image processing or scanning for usage of vulnerable CodeIgniter4 versions prior to 4.6.2. Specific commands are not provided in the resources, but general approaches include inspecting uploaded filenames for shell metacharacters and verifying if the application uses the ImageMagick handler with the resize() or text() methods on user inputs. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading CodeIgniter4 to version 4.6.2 or later, which contains the patch that properly escapes shell arguments to prevent command injection. Alternatively, switch the image handler from ImageMagick (imagick) to the GD handler (gd), which is not affected. For file uploads, avoid using user-controlled filenames by generating random filenames using getRandomName() or the store() method. For text operations, sanitize user inputs by allowing only safe characters using a regex filter (e.g., preg_replace('/[^a-zA-Z0-9\s.,!?-]/', '', $text)) and validate text options. These steps reduce the risk of command injection until the upgrade can be applied. [1, 3]
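The following is an added example illustrating the mitigations above in a CodeIgniter 4 controller; it is not code from the BaseFortify page or from the CodeIgniter project. It assumes a CodeIgniter 4 application (so `$this->request`, `WRITEPATH`, `Services::image()`, `getRandomName()`, `move()`, `resize()`, `text()` and `save()` are the framework's own API), and the upload field name `avatar` and the `caption` form field are constructed for the example.

```php
<?php
// Added example (not from the BaseFortify page or the CodeIgniter project):
// the three mitigations described above, written against the CodeIgniter 4
// API. Assumptions: this runs inside a CodeIgniter 4 controller, and the
// upload field "avatar" and the "caption" POST field are constructed names.

namespace App\Controllers;

use CodeIgniter\Controller;
use Config\Services;

class ImageUploadController extends Controller
{
    /**
     * Reduce the caption to a conservative allow-list (the regex from the
     * mitigation text) and cap its length, so no shell metacharacters can
     * reach the handler through text().
     */
    public static function sanitizeCaption(string $text, int $maxLen = 120): string
    {
        $clean = preg_replace('/[^a-zA-Z0-9\s.,!?-]/', '', $text);
        return mb_substr(trim($clean), 0, $maxLen);
    }

    public function upload()
    {
        $file = $this->request->getFile('avatar');
        if ($file === null || ! $file->isValid()) {
            return $this->response->setStatusCode(400)->setBody('no valid upload');
        }

        // Check the type server-side instead of trusting the client-supplied name.
        if (! in_array($file->getMimeType(), ['image/jpeg', 'image/png'], true)) {
            return $this->response->setStatusCode(415)->setBody('unsupported type');
        }

        // Never reuse the client-supplied filename: getRandomName() produces
        // "<timestamp>_<random>.<ext>", so the path later passed to resize()
        // contains no attacker-chosen characters.
        $safeName = $file->getRandomName();
        $file->move(WRITEPATH . 'uploads', $safeName);
        $path = WRITEPATH . 'uploads/' . $safeName;

        $caption = self::sanitizeCaption((string) $this->request->getPost('caption'));

        // Use the GD handler, which does not shell out to ImageMagick; this is
        // the handler switch the mitigation recommends for unpatched versions.
        Services::image('gd')
            ->withFile($path)
            ->resize(300, 300, true)
            ->text($caption, ['fontSize' => 14, 'padding' => 10])
            ->save(WRITEPATH . 'uploads/thumb_' . $safeName);

        return $this->response->setBody('ok');
    }
}
```

Even with the GD handler selected, the caption filter and the random filename are kept: they cost nothing and keep the code safe if the handler is later switched back to `imagick` before the upgrade to 4.6.2 is in place.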