CVE-2025-8841
BaseFortify
Publication date: 2025-08-11
Last updated on: 2026-04-29
Assigner: VulDB
Description
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| zlt2000 | microservices-platform | up to 6.0.0 (inclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-8841 is an unrestricted file upload vulnerability in the zlt2000 microservices-platform up to version 6.0.0. It occurs in the upload function of the file controller, where no security checks or validations are performed on uploaded files. This allows attackers to upload dangerous file types, such as HTML or PDF files containing malicious JavaScript, which can be stored on the server and potentially used to launch attacks like cross-site scripting (XSS) or phishing against users. [1, 2]
How can this vulnerability impact me?
This vulnerability can impact the confidentiality, integrity, and availability of the affected system. Attackers can remotely upload malicious files that may execute harmful code, leading to cross-site scripting or phishing attacks. The system could be compromised by unauthorized code execution or data manipulation, and since the exploit is easy to launch and publicly available, the risk is significant. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring and inspecting requests to the endpoint `/api-user/users/file-anon` in the file-center service of the zlt2000 microservices-platform. Look for uploads that the endpoint accepts without any file-type restriction, especially HTML or PDF files containing JavaScript. Network traffic analysis tools or web application firewalls (WAF) can be used to detect such suspicious uploads. Specific commands are not provided in the resources, but you can use tools like curl or wget to test uploading files to the endpoint, or use network monitoring tools to capture and analyze HTTP POST requests to `/api-user/users/file-anon`. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the affected product with an alternative, as no known countermeasures or mitigations have been identified. Additionally, restricting or disabling the vulnerable file upload endpoint `/api-user/users/file-anon` can reduce risk. Implementing external security controls such as web application firewalls (WAF) to block or filter dangerous file uploads may help. Monitoring and alerting on suspicious upload activity is also recommended until a secure replacement or patch is applied. [2, 1]
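For both the detection answer and the mitigation answer above, the following Python example, added here and not code from the BaseFortify page or from the zlt2000 microservices-platform project, inspects a captured HTTP POST to the endpoint the advisory names and applies the checks a WAF rule or a hardened upload handler would enforce: an extension allow-list, a declared content-type allow-list, a magic-byte check on the actual bytes, and a scan for embedded script content in HTML or PDF payloads. Only the endpoint path comes from the advisory; the image-only allow-list, the detection heuristics and all sample requests are assumptions constructed for illustration.

```python
"""Defender-side inspection of multipart uploads to the advisory's endpoint.
Added example; not code from zlt2000/microservices-platform."""
import re
from email import policy
from email.parser import BytesParser

# The path is from the advisory; the allow-lists and signatures are assumptions.
UPLOAD_PATH = "/api-user/users/file-anon"
ALLOWED_EXTENSIONS = {"png", "jpg", "jpeg", "gif"}
ALLOWED_CONTENT_TYPES = {"image/png", "image/jpeg", "image/gif"}
MAGIC = {  # leading bytes -> sniffed type
    b"\x89PNG\r\n\x1a\n": "image/png",
    b"\xff\xd8\xff": "image/jpeg",
    b"GIF87a": "image/gif",
    b"GIF89a": "image/gif",
    b"%PDF-": "application/pdf",
}
SCRIPT_RE = re.compile(rb"<\s*script\b|javascript:", re.IGNORECASE)


def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (method, path, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")
    method, path, _version = lines[0].split(b" ", 2)
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode()] = value.strip().decode()
    return method.decode(), path.decode(), headers, body


def multipart_files(headers, body):
    """Yield (filename, declared content-type, raw bytes) for each file part."""
    ctype = headers.get("content-type", "").encode()
    msg = BytesParser(policy=policy.default).parsebytes(
        b"Content-Type: " + ctype + b"\r\n\r\n" + body)
    if not msg.is_multipart():
        return
    for part in msg.iter_parts():
        filename = part.get_filename()
        if filename is None:  # plain form field, not a file
            continue
        yield filename, part.get_content_type(), part.get_payload(decode=True)


def classify_upload(raw_request: bytes):
    """Return (verdict, findings): 'ignore' for other endpoints, otherwise
    'allow' or 'block' with one finding string per failed check."""
    method, path, headers, body = parse_request(raw_request)
    if method != "POST" or path.split("?", 1)[0] != UPLOAD_PATH:
        return "ignore", []
    findings = []
    for filename, declared, content in multipart_files(headers, body):
        ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
        sniffed = next((t for m, t in MAGIC.items() if content.startswith(m)), None)
        if ext not in ALLOWED_EXTENSIONS:
            findings.append(f"{filename}: extension '.{ext}' not in allow-list")
        if declared not in ALLOWED_CONTENT_TYPES:
            findings.append(f"{filename}: declared type {declared} not allowed")
        if sniffed not in ALLOWED_CONTENT_TYPES:
            findings.append(f"{filename}: bytes do not match an allowed image signature")
        if SCRIPT_RE.search(content) or (sniffed == "application/pdf" and b"/JavaScript" in content):
            findings.append(f"{filename}: embedded script content")
    return ("block" if findings else "allow"), findings


def build_request(path, filename, ctype, content, boundary="constructedBoundary"):
    """Build a constructed multipart/form-data POST (sample traffic, not a capture)."""
    body = (f'--{boundary}\r\nContent-Disposition: form-data; name="file"; '
            f'filename="{filename}"\r\nContent-Type: {ctype}\r\n\r\n').encode()
    body += content + f"\r\n--{boundary}--\r\n".encode()
    head = (f"POST {path} HTTP/1.1\r\nHost: example.invalid\r\n"
            f"Content-Type: multipart/form-data; boundary={boundary}\r\n"
            f"Content-Length: {len(body)}\r\n\r\n").encode()
    return head + body


# Constructed samples covering the cases the advisory describes.
BENIGN_PNG = build_request(UPLOAD_PATH, "avatar.png", "image/png",
                           b"\x89PNG\r\n\x1a\n" + b"\x00" * 16)
HTML_UPLOAD = build_request(UPLOAD_PATH, "page.html", "text/html",
                            b"<html><script>alert(1)</script></html>")
DISGUISED = build_request(UPLOAD_PATH, "photo.png", "image/png",
                          b"<html><script>alert(1)</script></html>")
PDF_WITH_JS = build_request(UPLOAD_PATH, "doc.pdf", "application/pdf",
                            b"%PDF-1.7\n1 0 obj << /S /JavaScript /JS (sample) >> endobj\n")
OTHER_ENDPOINT = build_request("/api-user/users/me", "x.html", "text/html", b"<b>hi</b>")

if __name__ == "__main__":
    for name, req in [("benign", BENIGN_PNG), ("html", HTML_UPLOAD),
                      ("disguised", DISGUISED), ("pdf", PDF_WITH_JS), ("other", OTHER_ENDPOINT)]:
        print(name, classify_upload(req))
```

The same `classify_upload` function serves both uses: run over captured POST bodies it produces the detection signal the second answer asks for, and placed in front of the handler (or expressed as an equivalent WAF rule) it is the blocking control the last answer recommends until the product is replaced or patched. Note that the "disguised" sample passes the extension and declared-type checks and is caught only by the magic-byte and script checks, which is why the content itself, not just the filename, must be inspected.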