CVE-2025-6076
BaseFortify
Publication date: 2025-08-02
Last updated on: 2025-11-03
Assigner: CERT/CC
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| apache | http_server | 2.4.65 |
| mysql | mysql_driver | 3.5.4 |
| jetty | jetty | 9.4.57.v20241219 |
| mariadb | mariadb | 11.4.7 |
| java | java_runtime_environment | 8u461 |
| partnersoftware | partner_software | * |
| php | php | 8.3.23 |
| oracle | jdbc_driver | 2031ai |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-UNKNOWN |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Partner Software's Partner Software and Partner Web applications, where files uploaded on the 'reports' tab are not properly sanitized. This allows an authenticated attacker to upload a malicious file, which can then be used to compromise the device. Since the software runs by default with SYSTEM-level privileges, the impact of this vulnerability is severe.
How can this vulnerability impact me? :
An attacker who exploits this vulnerability can upload malicious files that may compromise the entire device running the Partner Software. Because the software runs with SYSTEM privileges by default, the attacker could gain full control over the system, potentially leading to data theft, system manipulation, or further attacks within the network.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves the upload of malicious files via the "reports" tab by an authenticated attacker. Detection can focus on monitoring file uploads on the reports tab for unusual or unauthorized file types or scanning uploaded files for malicious content. Since the software runs as SYSTEM, monitoring system logs for suspicious activity related to file uploads or execution of unexpected commands is recommended. Specific commands are not provided in the resources. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include applying security updates and patches provided by Partner Software, such as those in version 4.32.2, which include security hardening measures like restricting job attachment file types to prevent execution of unexpected commands and reducing SQL injection risks. Additionally, limit input fields to prevent injection attacks and monitor file uploads closely. Updating to the latest secure versions of core components (Apache, MariaDB, PHP, etc.) as listed in the release notes is also recommended. [1]