CVE-2025-34337
BaseFortify

Publication date: 2025-11-19

Last updated on: 2025-11-19

Assigner: VulnCheck

Description
eGovFramework/egovframe-common-components versions up to and including 4.3.1 include Web Editor image upload and related file delivery functionality that uses symmetric encryption to protect URL parameters, but exposes an encryption oracle that allows attackers to generate valid ciphertext for chosen values. The image upload endpoints /utl/wed/insertImage.do and /utl/wed/insertImageCk.do encrypt server-side paths, filenames, and MIME types and embed them directly into a download URL that is returned to the client. Because these same encrypted parameters are trusted by other endpoints, such as /utl/web/imageSrc.do and /cmm/fms/getImage.do, an unauthenticated attacker can abuse the upload functionality to obtain encrypted representations of attacker-chosen identifiers and then replay those ciphertext values to file-serving APIs. This design failure allows an attacker to bypass access controls that rely solely on the secrecy of encrypted parameters and retrieve arbitrary stored files that are otherwise expected to require an existing session or specific authorization context. KISA/KrCERT has identified this unpatched vulnerability as "KVE-2023-5281."
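
A sketch of the design flaw described above and one way to close it, added here as an example and not code from eGovFrame or the advisory. HMAC tags stand in for the product's encrypted URL parameters, and the key, session names, file IDs, purpose labels and ACL are constructed assumptions.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # constructed sample secret, not from the product
ACL = {"sess-a": {"FILE_0001"}}  # constructed: which session may read which file

def _mac(*fields: str) -> str:
    # Length-prefix every field so ("ab", "c") and ("a", "bc") differ.
    msg = b"".join(len(f.encode()).to_bytes(4, "big") + f.encode() for f in fields)
    return hmac.new(KEY, msg, hashlib.sha256).hexdigest()

def _same(a: str, b: str) -> bool:
    return hmac.compare_digest(a.encode(), b.encode())

# Flawed pattern: the token covers only the value, so whatever one endpoint
# protects for a caller is accepted as proof of authorization by another.
def weak_issue(value: str) -> str:
    return _mac(value)

def weak_serve(value: str, token: str) -> bool:
    return _same(_mac(value), token)

# Hardened pattern: the token is bound to its purpose and to the session it
# was issued for, and the serving side still consults the ACL.
def issue(purpose: str, session_id: str, file_id: str) -> str:
    return _mac(purpose, session_id, file_id)

def serve(purpose: str, session_id: str, file_id: str, token: str) -> bool:
    if not session_id:
        return False  # no session, no file
    if not _same(_mac(purpose, session_id, file_id), token):
        return False  # wrong purpose, wrong session, or tampered token
    return file_id in ACL.get(session_id, set())

def demo() -> dict:
    upload_token = issue("editor-image", "sess-b", "FILE_0001")
    return {
        "weak_cross_endpoint": weak_serve("FILE_0001", weak_issue("FILE_0001")),
        "wrong_purpose": serve("attachment", "sess-b", "FILE_0001", upload_token),
        "no_acl_entry": serve("editor-image", "sess-b", "FILE_0001", upload_token),
        "no_session": serve("editor-image", "", "FILE_0001", upload_token),
        "owner": serve("attachment", "sess-a", "FILE_0001",
                       issue("attachment", "sess-a", "FILE_0001")),
    }

if __name__ == "__main__":
    print(demo())
```
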
Meta Information
Published: 2025-11-19
Last Modified: 2025-11-19
Generated: 2026-05-07
AI Q&A: 2025-11-19
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor: egovframework
Product: egovframe-common-components
Version / Range: 4.3.1
CWE ID: CWE-345
Description: The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability exists in eGovFramework/egovframe-common-components up to version 4.3.1. It involves the Web Editor's image upload and file delivery functionality, which uses symmetric encryption to protect URL parameters. However, it exposes an encryption oracle that allows attackers to generate valid ciphertext for chosen values. Attackers can abuse the upload endpoints to obtain encrypted representations of attacker-chosen identifiers and then replay those ciphertexts to file-serving APIs. This bypasses access controls that rely solely on the secrecy of encrypted parameters, allowing retrieval of arbitrary stored files without authentication or proper authorization.


How can this vulnerability impact me?

This vulnerability can allow an unauthenticated attacker to bypass access controls and retrieve arbitrary stored files that should require an existing session or specific authorization. This can lead to unauthorized disclosure of sensitive files and data, potentially compromising confidentiality and security of the system and its users.

