CVE-2025-14199
BaseFortify
Publication date: 2025-12-07
Last updated on: 2026-04-29
Assigner: VulDB
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| verysync | verysync | up to and including 2.21.3 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Verysync 微力同步 up to and including version 2.21.3, in the Web Administration Module, through the endpoint /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false. Manipulating the request to this endpoint allows a remote attacker to upload files without restriction (CWE-434), and the missing access control on the endpoint (CWE-284) means the upload is not limited to authorized users. Such an upload can lead to unauthorized actions on the affected system.
How can this vulnerability impact me?
An attacker can place files of their choosing on the affected system, which may lead to unauthorized access, data manipulation, or compromise of the host running Verysync. Because the attack works remotely against the web management interface, any instance reachable from an untrusted network is exposed, and the integrity and availability of the system are at risk.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection relies on web server or reverse-proxy logs and on network monitoring. Look for HTTP POST requests whose path matches the pattern `/rest/f/api/resources/{resource_id}/tmp/{filename}?override=false` (the advisory's example uses resource `f96956469e7be39d` and file `text.txt`), particularly on the Verysync web management port 8886 and from source addresses that should not be administering the service. tcpdump or Wireshark can capture traffic on that port, and the module's own log auditing, if enabled, records upload attempts. To confirm in a lab environment that an instance exposes the endpoint, send a test request such as `curl -X POST 'http://<target-ip>:8886/rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false' -d @payload`, where `payload` is a harmless test file (quote the URL so the shell does not interpret `?`); a successful response without any credentials shows that the upload path is reachable by untrusted clients. [1]
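The log-side check described above, as an added example that is not part of the BaseFortify page or of Verysync itself: a small Python scanner over constructed access-log lines in Common Log Format that flags write requests to the `/rest/f/api/resources/<id>/tmp/<name>` path, decodes percent-encoded file names before matching, and marks sources outside a trusted-IP allow list. The log format, the allow list, the acceptance of PUT as well as POST, and the sample log lines are assumptions made for the example.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Assumed log shape: Apache/nginx Common Log Format
#   ip - - [time] "METHOD target HTTP/x.y" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)

# Upload path shape taken from the advisory; the resource id is matched
# loosely because only one example id (f96956469e7be39d) is known.
UPLOAD_PATH_RE = re.compile(
    r'^/rest/f/api/resources/(?P<rid>[^/]+)/tmp/(?P<name>[^/]+)$'
)

# Hypothetical allow list of hosts expected to use the admin module.
TRUSTED_IPS = {"192.0.2.10"}

# Methods treated as writes; the advisory mentions POST, PUT is assumed.
WRITE_METHODS = {"POST", "PUT"}


def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    url = urlsplit(rec["target"])
    # Decode percent-encoding so "shell%2Ephp" is inspected as "shell.php".
    rec["path"] = unquote(url.path)
    rec["query"] = parse_qs(url.query)
    return rec


def classify(rec):
    """Return an alert string if the request is a write to the upload path."""
    if rec["method"] not in WRITE_METHODS:
        return None
    m = UPLOAD_PATH_RE.match(rec["path"])
    if not m:
        return None
    override = rec["query"].get("override", ["<absent>"])[0]
    source = "trusted" if rec["ip"] in TRUSTED_IPS else "untrusted"
    return (f"{source} source {rec['ip']}: {rec['method']} upload to resource "
            f"{m['rid']} file {m['name']} override={override} status={rec['status']}")


def scan(lines):
    """Run classify over every parsable line; return (ip, alert) pairs."""
    alerts = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        alert = classify(rec)
        if alert:
            alerts.append((rec["ip"], alert))
    return alerts


# Constructed sample log: two upload writes from an untrusted host,
# one harmless GET from the trusted admin host, one unrelated request.
SAMPLE_LOG = """\
198.51.100.7 - - [07/Dec/2025:10:01:02 +0000] "POST /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false HTTP/1.1" 200 17
192.0.2.10 - - [07/Dec/2025:10:01:05 +0000] "GET /rest/f/api/resources/f96956469e7be39d HTTP/1.1" 200 512
198.51.100.7 - - [07/Dec/2025:10:01:09 +0000] "PUT /rest/f/api/resources/f96956469e7be39d/tmp/shell%2Ephp?override=true HTTP/1.1" 200 17
203.0.113.5 - - [07/Dec/2025:10:02:00 +0000] "GET /index.html HTTP/1.1" 200 1024
""".splitlines()


if __name__ == "__main__":
    for ip, alert in scan(SAMPLE_LOG):
        print(alert)
```

Feed real access logs in with `scan(open(path))`; the `override` value is reported rather than filtered on so that `override=true` attempts, which could replace existing files, are not missed.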
What immediate steps should I take to mitigate this vulnerability?
Restrict access to the Web Administration Module to trusted or local IP addresses only, put a web application firewall in front of it to block unauthorized requests to the upload path, and enable log auditing so that abnormal file upload activity is recorded and alerted on. Because no official patch or fix is available, isolate the vulnerable service or replace the affected product. Blocking port 8886 from untrusted networks at the perimeter or host firewall also reduces exposure. [1, 3]