CVE-2025-27224
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-27

Last updated on: 2025-10-31

Assigner: MITRE

Description
TRUfusion Enterprise through 7.10.4.0 uses the /trufusionPortal/fileupload endpoint to upload files. However, the application doesn't properly sanitize the input to this endpoint, ultimately allowing path traversal sequences to be included. This can be used to write to any filename with any file type at any location on the local server, ultimately allowing execution of arbitrary code.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-27
Last Modified
2025-10-31
Generated
2026-06-16
AI Q&A
2025-10-27
EPSS Evaluated
2026-06-14
NVD
CVE-2025-27224
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
rocketsoftware trufusion_enterprise to 7.10.4.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-20 The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Impact Analysis

This vulnerability can have severe impacts including unauthorized remote code execution on the affected server. An attacker can upload malicious files to the server, such as web shells, enabling them to execute arbitrary commands remotely without any authentication. This can lead to full system compromise, data theft, service disruption, and further attacks within the network. [2]

Executive Summary

CVE-2025-27224 is a critical vulnerability in TRUfusion Enterprise that allows an unauthenticated attacker to exploit a path traversal flaw in the /trufusionPortal/fileupload endpoint. This endpoint does not properly sanitize input, specifically the 'token' parameter, allowing attackers to write arbitrary files anywhere on the server where the web server user has write access. By uploading malicious files such as web shells, attackers can achieve remote code execution on the server without authentication. [2]

Detection Guidance

This vulnerability can be detected by monitoring and testing the /trufusionPortal/fileupload endpoint for path traversal attempts in the 'token' parameter. One can attempt to upload files with path traversal sequences (e.g., '../') in the token parameter to see if arbitrary file writes are possible. Network monitoring tools can look for suspicious POST requests to /trufusionPortal/fileupload containing such sequences. For example, using curl to test the endpoint: curl -X POST -H "Content-Type: application/gzip" --data-binary @payload.gz "http://target/trufusionPortal/fileupload?token=../webapps/trufusionPortal/jsp/shell.jsp&file=shell.jsp" where payload.gz is a GZIP compressed malicious JSP file. Detection can also involve scanning web server directories for unexpected files such as JSP shells. Additionally, reviewing web server logs for unusual file upload activity or access to newly created JSP files can help detect exploitation attempts. [2]

Mitigation Strategies

Immediate mitigation steps include applying the vendor-provided patches released by Rocket Software for all affected TRUfusion Enterprise versions. Until patches are applied, restrict access to the /trufusionPortal/fileupload endpoint, for example by network segmentation or firewall rules, to limit exposure. Monitor and audit file uploads and web server directories for suspicious files. Disable or restrict the ability of the web server user to write to sensitive directories such as the web application directory. Implement web application firewall (WAF) rules to block requests containing path traversal sequences in parameters. Finally, conduct thorough penetration testing and improve security auditing processes to detect and prevent similar vulnerabilities. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-27224. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart