CVE-2025-9400
BaseFortify
Publication date: 2025-08-25
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| wanglongcn | yifang | to 2.0.5 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-9400 is an unrestricted file upload vulnerability in YiFang CMS up to version 2.0.5. It exists in the mergeMultipartUpload function in the file app/utils/base/plugin/P_file.php. The vulnerability allows an attacker to fully control the file name and extension parameters (md5value and name), enabling them to upload any file type without restriction. This lack of validation can lead to remote exploitation, potentially allowing attackers to execute malicious code or perform other harmful actions on the affected system. [1, 2]
How can this vulnerability impact me? :
This vulnerability can impact you by allowing remote attackers to upload arbitrary files to your YiFang CMS server without authentication. This can lead to remote code execution, compromising the confidentiality, integrity, and availability of your system. Attackers could upload malicious scripts or executables, potentially taking control of the server, defacing websites, stealing data, or disrupting services. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of the vulnerable file path `app/utils/base/plugin/P_file.php` in your YiFang CMS installation, specifically the function `mergeMultipartUpload`. Additionally, you can use Google dorking with queries like `inurl:app/utils/base/plugin/P_file.php` to identify vulnerable targets. On your system, you may search for this file and inspect it for the vulnerable code. Network detection could involve monitoring for HTTP requests targeting this file path with suspicious multipart upload attempts. Specific commands to find the file locally could include: `find /path/to/cms -type f -name P_file.php` and then reviewing the file contents. For network detection, monitoring web server logs for POST requests to `app/utils/base/plugin/P_file.php` with multipart upload data may help identify exploitation attempts. [2]
What immediate steps should I take to mitigate this vulnerability?
No known countermeasures or mitigations have been published for this vulnerability. The suggested immediate step is to replace the affected YiFang CMS version (up to 2.0.5) with an alternative CMS or upgrade to a version that is not vulnerable if available. Additionally, restricting access to the vulnerable file path via web server configuration or firewall rules may help reduce exposure. Monitoring for exploitation attempts and applying general security best practices such as limiting file upload permissions and validating uploaded files can also help mitigate risk until a patch or fix is available. [2]