CVE-2025-11331
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-06

Last updated on: 2026-04-29

Assigner: VulDB

Description
A vulnerability was found in IdeaCMS up to 1.8. The impacted element is an unknown function of the file app/common/logic/admin/Config.php of the component Website Name Handler. Performing manipulation of the argument 网站名称 results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-06
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2025-10-06
EPSS Evaluated
2026-06-14
NVD
CVE-2025-11331
EUVD
EUVD-2025-32050
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ideacms ideacms to 1.8 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-77 The product constructs all or part of a command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended command when it is sent to a downstream component.
CWE-74 The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-11331 is a critical command injection vulnerability in IdeaCMS version 1.8 and earlier. It occurs in the file app/common/logic/admin/Config.php, specifically involving the parameter 网站名称 (website name). This parameter is directly concatenated into a system shell command without proper sanitization or validation, allowing an attacker to inject arbitrary commands. These commands are executed by the server with the privileges of the web server process, potentially leading to full system compromise. [1, 2, 3]

Impact Analysis

Exploitation of this vulnerability can lead to full server compromise. Attackers can execute arbitrary system commands remotely, which may allow them to read sensitive files, modify data, disrupt services, escalate privileges, or pivot into internal networks. The vulnerability affects confidentiality, integrity, and availability of the affected system. No authentication is required to exploit this issue, making it highly dangerous. [2, 3]

Detection Guidance

This vulnerability can be detected by checking for the presence of the vulnerable file `app/common/logic/admin/Config.php` in IdeaCMS versions up to 1.8 and by monitoring for suspicious usage of the parameter 网站名称 in requests. Attackers may use Google dorking with the query `inurl:app/common/logic/admin/Config.php` to identify vulnerable targets. Network detection can include monitoring for unusual command injection attempts or unexpected system command executions involving this parameter. Specific commands to detect exploitation attempts are not provided, but searching web server logs for requests containing the parameter 网站名称 with suspicious characters or payloads could help identify exploitation attempts. [2]

Mitigation Strategies

Immediate mitigation steps include avoiding the use of system shell calls with user input entirely by using built-in platform APIs or libraries. If OS command execution is necessary, use safe APIs that accept argument lists without invoking a shell (e.g., execve in C, subprocess.run with argument lists in Python). Implement strict input validation with allowlisting to accept only known safe values for the 网站名称 parameter. As a last resort, properly escape all user inputs using OS-specific escaping libraries, though this is error-prone and less preferred. Replacement of the affected component with an alternative product is also suggested. Immediate remediation is critical to prevent full system compromise. [3, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11331. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart