CVE-2025-9847
BaseFortify
Publication date: 2025-09-03
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| scriptandtools | real_estate_management_system | 1.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Real Estate Management System 1.0, specifically in the register.php file's user image upload functionality. Due to the lack of file extension validation or upload restrictions, an attacker can upload malicious PHP files disguised as images. This allows the attacker to upload a web shell that can be accessed and executed remotely, leading to Remote Code Execution (RCE) on the server. [1]
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to unauthorized control over the system and application, data breaches involving theft or manipulation of sensitive information, deployment of malware including ransomware, full system compromise with lateral network movement, denial of service attacks, financial losses due to remediation and legal consequences, reputational damage, and potential regulatory fines. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability can lead to regulatory fines due to non-compliance with data protection laws such as GDPR and HIPAA, as it may result in data breaches and unauthorized access to sensitive information, thereby violating these standards' requirements for protecting personal and sensitive data. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for the presence of uploaded PHP shell files in the /admin/user/ directory, especially files uploaded via the register.php user image upload functionality. You can look for suspicious PHP files that should not be there. For example, use commands like: 1) To find PHP files in the upload directory: `find /path/to/reali/admin/user/ -name '*.php'` 2) To check web server access logs for POST requests to register.php: `grep 'POST /reali/register.php' /var/log/apache2/access.log` or equivalent logs. 3) To test if the upload is possible, attempt to upload a PHP file disguised as an image and then access it via the URL `http://<target>/reali/admin/user/<filename>.php` to see if it executes. These steps help detect if the unrestricted upload vulnerability is present and exploitable. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include: 1) Disable or restrict the user image upload functionality in register.php until a fix is applied. 2) Implement strict file validation to allow only legitimate image file types (e.g., jpg, png) by checking file extensions and MIME types. 3) Apply server-side checks to reject executable files such as PHP scripts. 4) Restrict permissions on the upload directory to prevent execution of uploaded files. 5) Remove any suspicious PHP files already uploaded in the /admin/user/ directory. 6) Monitor logs for suspicious upload or access activity. 7) Apply patches or updates from the vendor or developer if available. These steps reduce the risk of remote code execution via unrestricted file upload. [1]