CVE-2025-9400
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-25

Last updated on: 2026-04-29

Assigner: VulDB

Description
A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/P_file.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-25
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-08-25
EPSS Evaluated
2026-06-15
NVD
CVE-2025-9400
EUVD
EUVD-2025-25653
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
wanglongcn yifang to 2.0.5 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-9400 is an unrestricted file upload vulnerability in YiFang CMS up to version 2.0.5. It exists in the mergeMultipartUpload function in the file app/utils/base/plugin/P_file.php. The vulnerability allows an attacker to fully control the file name and extension parameters (md5value and name), enabling them to upload any file type without restriction. This lack of validation can lead to remote exploitation, potentially allowing attackers to execute malicious code or perform other harmful actions on the affected system. [1, 2]

Impact Analysis

This vulnerability can impact you by allowing remote attackers to upload arbitrary files to your YiFang CMS server without authentication. This can lead to remote code execution, compromising the confidentiality, integrity, and availability of your system. Attackers could upload malicious scripts or executables, potentially taking control of the server, defacing websites, stealing data, or disrupting services. [1, 2]

Detection Guidance

This vulnerability can be detected by checking for the presence of the vulnerable file path `app/utils/base/plugin/P_file.php` in your YiFang CMS installation, specifically the function `mergeMultipartUpload`. Additionally, you can use Google dorking with queries like `inurl:app/utils/base/plugin/P_file.php` to identify vulnerable targets. On your system, you may search for this file and inspect it for the vulnerable code. Network detection could involve monitoring for HTTP requests targeting this file path with suspicious multipart upload attempts. Specific commands to find the file locally could include: `find /path/to/cms -type f -name P_file.php` and then reviewing the file contents. For network detection, monitoring web server logs for POST requests to `app/utils/base/plugin/P_file.php` with multipart upload data may help identify exploitation attempts. [2]

Mitigation Strategies

No known countermeasures or mitigations have been published for this vulnerability. The suggested immediate step is to replace the affected YiFang CMS version (up to 2.0.5) with an alternative CMS or upgrade to a version that is not vulnerable if available. Additionally, restricting access to the vulnerable file path via web server configuration or firewall rules may help reduce exposure. Monitoring for exploitation attempts and applying general security best practices such as limiting file upload permissions and validating uploaded files can also help mitigate risk until a patch or fix is available. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9400. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart