CVE-2025-10371
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-13

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security flaw has been discovered in eCharge Hardy Barth Salia PLCC 2.2.0. This issue affects some unknown processing of the file /api.php. The manipulation of the argument setrfidlist results in unrestricted upload. The attack may be performed from remote. The exploit has been released to the public and may be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-13
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-09-13
EPSS Evaluated
2026-05-05
NVD
CVE-2025-10371
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
echarge salia_plcc 2.2.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-10371 is an Unauthorized File-Write vulnerability in eCharge Hardy Barth Salia PLCC version 2.2.0. It occurs in the /api.php file where the argument 'setrfidlist' is improperly handled, allowing attackers to upload arbitrary files without restriction or authentication. This flaw enables attackers to upload malicious files such as web shells, potentially leading to remote code execution on the affected system. [1, 2]


How can this vulnerability impact me? :

This vulnerability can severely impact you by allowing remote attackers to upload malicious files to your system, which can lead to remote code execution (getshell). This compromises the confidentiality, integrity, and availability of your system, potentially resulting in unauthorized access, data breaches, or system disruption. Since no authentication is required to exploit this flaw, it is highly accessible and dangerous. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for the presence of the vulnerable endpoint /api.php and specifically monitoring or testing the argument 'setrfidlist' for unrestricted file upload capability. One suggested method is to use Google dorking with the query "inurl:api.php" to identify potentially vulnerable targets. Additionally, you can attempt to upload a test file via the /api.php endpoint using the setrfidlist parameter to verify if unrestricted upload is possible. For example, using curl to test the upload: curl -X POST -F "[email protected]" https://target/api.php If the upload succeeds without authentication or proper authorization, the system is vulnerable. [2]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include restricting or disabling access to the /api.php endpoint if possible, especially the functionality related to the 'setrfidlist' argument. Since no vendor-provided patches or mitigations are available, consider implementing network-level controls such as firewall rules to block unauthorized access to the vulnerable endpoint. Monitoring and blocking suspicious file upload attempts can also help. Ultimately, replacing the affected product with a secure alternative is recommended to fully mitigate the risk. [2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart