CVE-2025-8265
BaseFortify
Publication date: 2025-07-28
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| 299ko | cms | 2.0.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8265 is a critical vulnerability in 299Ko CMS version 2.0.0, specifically in the File Management component at the /admin/filemanager/view endpoint. It is an unrestricted file upload vulnerability that allows an attacker to upload malicious files without proper validation. These files can be potentially dangerous and may be executed remotely, leading to remote code execution. The vulnerability can be exploited remotely but requires some level of authentication. There are no known fixes or mitigations, and a proof-of-concept exploit is publicly available. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing attackers to upload and execute malicious files on your server remotely. This can compromise the confidentiality, integrity, and availability of your system. Attackers could run arbitrary commands, potentially taking full control of the affected server, leading to data breaches, service disruption, or further attacks within your network. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring attempts to access or upload files via the /admin/filemanager/view endpoint of 299Ko CMS 2.0.0. Network or web server logs should be inspected for unusual POST requests to this path, especially those involving file uploads. Since the vulnerability involves unrestricted file upload, commands to check for recently uploaded suspicious files on the server could include: `find /path/to/cms/uploads -type f -mtime -7` to find files uploaded in the last 7 days. Additionally, monitoring for execution of unexpected files or web shells may help detect exploitation. Specific commands depend on the server environment, but reviewing web server access logs with commands like `grep '/admin/filemanager/view' /var/log/apache2/access.log` or equivalent can help identify suspicious activity. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling or restricting access to the /admin/filemanager/view endpoint to prevent unauthorized file uploads. Since no official patches or fixes are available and the vendor has not responded, consider removing or replacing the affected 299Ko CMS 2.0.0 installation. Implement network-level controls such as IP whitelisting or VPN access for administrative interfaces. Additionally, monitor and remove any suspicious uploaded files and strengthen authentication and file upload validation mechanisms if possible. Applying web application firewalls (WAF) rules to block malicious upload attempts may also help reduce risk. [1, 2]