CVE-2025-65806
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-04

Last updated on: 2026-03-11

Assigner: MITRE

Description
The E-POINT CMS eagle.gsam-1169.1 file upload feature improperly handles nested archive files. An attacker can upload a nested ZIP (a ZIP containing another ZIP) where the inner archive contains an executable file (e.g. webshell.php). When the application extracts the uploaded archives, the executable may be extracted into a web-accessible directory. This can lead to remote code execution (RCE), data disclosure, account compromise, or further system compromise depending on the web server/process privileges. The issue arises from insufficient validation of archive contents and inadequate restrictions on extraction targets.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-04
Last Modified
2026-03-11
Generated
2026-06-16
AI Q&A
2025-12-04
EPSS Evaluated
2026-06-15
NVD
CVE-2025-65806
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
e-point e-point_cms 3.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in the E-POINT CMS eagle.gsam-1169.1 file upload feature occurs because it improperly handles nested archive files. An attacker can upload a ZIP file that contains another ZIP file, where the inner ZIP includes an executable file such as a webshell.php. When the application extracts these archives, the executable may be placed into a web-accessible directory. This happens due to insufficient validation of the archive contents and inadequate restrictions on where files are extracted.

Impact Analysis

The vulnerability can lead to remote code execution (RCE), allowing an attacker to run malicious code on the server. This can result in data disclosure, account compromise, or further system compromise depending on the privileges of the web server or process running the application.

Mitigation Strategies

To mitigate this vulnerability, you should prevent the upload and extraction of nested archive files containing executable content. Implement strict validation of uploaded archive contents, disallow nested ZIP files, and restrict extraction targets to non-web-accessible directories. Additionally, apply proper access controls and ensure the web server runs with least privilege to limit potential impact.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65806. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart