CVE-2025-65806
BaseFortify
Publication date: 2025-12-04
Last updated on: 2026-03-11
Assigner: MITRE
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| e-point | e-point_cms | 3.1 |
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in the E-POINT CMS eagle.gsam-1169.1 file upload feature occurs because it improperly handles nested archive files. An attacker can upload a ZIP file that contains another ZIP file, where the inner ZIP includes an executable file such as webshell.php. When the application extracts these archives, the executable may be placed into a web-accessible directory. This happens due to insufficient validation of the archive contents and inadequate restrictions on where files are extracted.
How can this vulnerability impact me?
The vulnerability can lead to remote code execution (RCE), allowing an attacker to run malicious code on the server. This can result in data disclosure, account compromise, or further system compromise depending on the privileges of the web server or process running the application.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, you should prevent the upload and extraction of nested archive files containing executable content. Implement strict validation of uploaded archive contents, disallow nested ZIP files, and restrict extraction targets to non-web-accessible directories. Additionally, apply proper access controls and ensure the web server runs with least privilege to limit potential impact.
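The validation steps listed above can be sketched as follows. This is an added example, not E-POINT CMS code; the allowlist, the size limits and the function names `check_archive` and `extract_to_staging` are assumptions chosen for illustration.

```python
import io
import posixpath
import zipfile

# Assumed policy for this sketch: an extension allowlist and size limits.
ALLOWED_EXT = {".png", ".jpg", ".pdf", ".txt"}
MAX_MEMBERS = 100
MAX_TOTAL_BYTES = 20 * 1024 * 1024


def check_archive(data: bytes) -> list[str]:
    """Return the reasons an uploaded ZIP is rejected (empty list = accepted)."""
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return ["not a ZIP archive"]
    reasons = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        infos = zf.infolist()
        if len(infos) > MAX_MEMBERS:
            return ["too many members"]
        if sum(i.file_size for i in infos) > MAX_TOTAL_BYTES:
            return ["declared size over limit"]
        for info in infos:
            if info.is_dir():
                continue
            name = info.filename.replace("\\", "/")
            norm = posixpath.normpath(name)
            # Absolute paths, drive letters and ".." would leave the target dir.
            if (name.startswith("/") or ":" in name
                    or norm == ".." or norm.startswith("../")):
                reasons.append(f"path escapes extraction root: {info.filename}")
            if posixpath.splitext(norm)[1].lower() not in ALLOWED_EXT:
                reasons.append(f"type not allowed: {info.filename}")
            # Inspect content too: a nested archive renamed to an allowed
            # extension still carries ZIP structure.
            body = zf.read(info)
            if body[:4] == b"PK\x03\x04" or zipfile.is_zipfile(io.BytesIO(body)):
                reasons.append(f"nested archive: {info.filename}")
    return reasons


def extract_to_staging(data: bytes, staging_dir: str) -> list[str]:
    """Extract an accepted archive; staging_dir must lie outside the web root."""
    reasons = check_archive(data)
    if reasons:
        raise ValueError("; ".join(reasons))
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        zf.extractall(staging_dir)
        return zf.namelist()
```

Nothing is written to disk until every member has passed, and files should only be moved from the staging directory to their final location by a separate step that never places them where the web server executes scripts.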