CVE-2025-13949
BaseFortify
Publication date: 2025-12-03
Last updated on: 2026-04-29
Assigner: VulDB
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| proudmubai | gofilm | 1.0.1 |
| proudmubai | gofilm | 1.0.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-13949 is an arbitrary file upload vulnerability in ProudMuBai GoFilm versions 1.0.0 and 1.0.1. It occurs in the SingleUpload function of the FileController.go file, which does not validate or filter the file extensions or content of uploaded files. This allows an attacker to upload any type of file without restriction, potentially leading to unauthorized file uploads. The vulnerability can be exploited remotely by sending specially crafted requests to the upload endpoint. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can impact you by allowing attackers to upload arbitrary and potentially dangerous files to your system. This can lead to unauthorized file placement, remote code execution, and compromise of the confidentiality, integrity, and availability of your system. Since the application does not restrict file types, attackers might upload malicious scripts or executables that the system could process, resulting in severe security breaches. [2, 3, 1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for unauthorized or suspicious file uploads to the /manage/file/upload endpoint, which maps to the vulnerable SingleUpload function. You can look for POST requests with multipart/form-data content type containing files with unusual or executable extensions (e.g., .go files). A practical detection method is to capture and inspect HTTP traffic to this endpoint. For example, using curl to test the upload endpoint with a suspicious file:
curl -X POST -H "Authorization: Bearer <token>" -F "[email protected]" https://<target>/manage/file/upload
If the file uploads successfully without validation errors, the system is vulnerable. Additionally, network intrusion detection systems (NIDS) can be configured to alert on such POST requests to /manage/file/upload with executable file types. Log analysis on the server for unexpected file uploads can also help detect exploitation attempts. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting or disabling the file upload functionality if possible, especially the /manage/file/upload endpoint. Since no vendor patches or mitigations are available, consider implementing external controls such as web application firewalls (WAF) to block or filter requests attempting to upload files with dangerous extensions. Monitoring and alerting on suspicious upload activity is also recommended. Ultimately, replacing the affected product or applying custom patches to validate and restrict file uploads in the SingleUpload function is advised to fully mitigate the risk. [2]
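As an added illustration of the custom patch the answer above recommends (this is example code, not GoFilm's own or a vendor fix), the Go function below enforces an extension allowlist and cross-checks it against the file's leading bytes, the two checks CWE-434 calls for; the function names, the allowed-types set and the 8 MiB size cap are assumptions.

```go
package main

import (
	"fmt"
	"io"
	"net/http"
	"path/filepath"
	"strings"
)

// Allowed extension -> MIME type that http.DetectContentType must report for
// the file's leading bytes. The set is an assumption; allow only what the app needs.
var allowedTypes = map[string]string{
	".jpg": "image/jpeg", ".jpeg": "image/jpeg",
	".png": "image/png", ".gif": "image/gif",
}

// ValidateUpload rejects path separators in the client-supplied name, enforces an
// extension allowlist (never a blocklist) and cross-checks the extension against the
// bytes actually sent, so "shell.go" and a script renamed to ".png" both fail.
func ValidateUpload(clientName string, head []byte) (string, error) {
	if clientName == "" || strings.ContainsAny(clientName, `/\`) {
		return "", fmt.Errorf("invalid file name")
	}
	ext := strings.ToLower(filepath.Ext(clientName))
	want, ok := allowedTypes[ext]
	if !ok {
		return "", fmt.Errorf("file type %q not allowed", ext)
	}
	if got := http.DetectContentType(head); got != want {
		return "", fmt.Errorf("content %q does not match %s", got, ext)
	}
	return clientName, nil
}

// UploadHandler shows where the check sits in a multipart upload handler.
func UploadHandler(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, 8<<20) // size cap (assumed 8 MiB)
	file, hdr, err := r.FormFile("file")
	if err != nil {
		http.Error(w, "bad request", http.StatusBadRequest)
		return
	}
	defer file.Close()
	head := make([]byte, 512) // DetectContentType inspects at most 512 bytes
	n, _ := io.ReadFull(file, head)
	if _, err := ValidateUpload(hdr.Filename, head[:n]); err != nil {
		http.Error(w, err.Error(), http.StatusUnsupportedMediaType)
		return
	}
	w.WriteHeader(http.StatusCreated) // then store under a server-generated name
}
```

Storing the accepted file under a server-generated name, in a directory the web server does not execute from, closes the remaining gap that an allowlist alone leaves open.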