CVE-2025-9772
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-01

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was detected in RemoteClinic up to 2.0. This affects an unknown part of the file /staff/edit.php. Performing manipulation of the argument image results in unrestricted upload. The attack can be initiated remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-01
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-09-01
EPSS Evaluated
2026-06-14
NVD
CVE-2025-9772
EUVD
EUVD-2025-26336
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
remoteclinic remote_clinic to 2.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-9772 is a critical vulnerability in RemoteClinic version 2.0, specifically in the /staff/edit.php file. It allows attackers to manipulate the 'image' argument to perform unrestricted file uploads without any authentication. This means an attacker can upload malicious files, such as scripts, which the application may automatically process. This flaw arises from insufficient validation and lack of restrictions on the file upload parameter, enabling remote attackers to execute malicious code, gain unauthorized access, and compromise the system's confidentiality, integrity, and availability. [1, 2, 3]

Impact Analysis

Exploiting this vulnerability can lead to severe impacts including unauthorized remote code execution, unauthorized system access, data compromise, malware spreading, and potential service disruptions. Attackers can upload malicious scripts that run on the server, manipulate or access sensitive data, and disrupt system operations, severely affecting the security and availability of the affected system. [1, 2, 3]

Detection Guidance

This vulnerability can be detected by identifying the presence of the vulnerable endpoint /staff/edit.php on your RemoteClinic 2.0 system. One method is using Google Dorking with the query "inurl:staff/edit.php" to find exposed instances. Additionally, a proof-of-concept exploit involves uploading a PHP shell script using a multipart/form-data POST request. A sample curl command to test exploitability is available, which uploads a test PHP file to the server to confirm if unrestricted upload is possible. [1, 3]

Mitigation Strategies

Immediate mitigation steps include: 1) Replacing the vulnerable RemoteClinic 2.0 product with an alternative, as it is no longer supported. 2) Implementing strict file upload validation such as MIME type checks, file extension whitelisting, and file content inspection to allow only safe file types (e.g., .jpg, .png). 3) Enforcing file size limits to prevent abuse. 4) Storing uploaded files outside the web root directory to prevent direct execution. 5) Renaming uploaded files with unique random names to avoid path traversal and collisions. 6) Conducting regular security audits of the file upload functionality. Since no official patches or countermeasures are published, replacing the product or applying these controls is critical. [1, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9772. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart