CVE-2025-69981
Unknown Unknown - Not Provided
Unrestricted File Upload in FUXA /api/upload Enables Remote Code Execution

Publication date: 2026-02-03

Last updated on: 2026-02-11

Assigner: MITRE

Description
FUXA v1.2.7 contains an Unrestricted File Upload vulnerability in the `/api/upload` API endpoint. The endpoint lacks authentication mechanisms, allowing unauthenticated remote attackers to upload arbitrary files. This can be exploited to overwrite critical system files (such as the SQLite user database) to gain administrative access, or to upload malicious scripts to execute arbitrary code.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-03
Last Modified
2026-02-11
Generated
2026-06-16
AI Q&A
2026-02-04
EPSS Evaluated
2026-06-15
NVD
CVE-2025-69981
EUVD
EUVD-2025-206705
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
frangoteam fuxa 1.2.7
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

The vulnerability in FUXA v1.2.7 is an Unrestricted File Upload issue found in the `/api/upload` API endpoint.

This endpoint does not have any authentication mechanisms, which means that anyone, including unauthenticated remote attackers, can upload files to the system.

Because of this, attackers can upload arbitrary files, potentially overwriting critical system files such as the SQLite user database or uploading malicious scripts that allow them to execute arbitrary code.

Impact Analysis

This vulnerability can have severe impacts including unauthorized administrative access and remote code execution.

  • Attackers can overwrite critical system files like the SQLite user database, gaining administrative privileges.
  • Malicious scripts can be uploaded and executed, potentially compromising the entire system.
  • The lack of authentication on the upload endpoint makes it easy for attackers to exploit this vulnerability remotely without any credentials.
Compliance Impact

I don't know

Detection Guidance

This vulnerability can be detected by checking if the `/api/upload` endpoint of FUXA v1.2.7 is accessible without authentication and allows file uploads.

You can use commands like curl to test the endpoint for unrestricted file upload capability.

  • curl -X POST http://<target>/api/upload -F "[email protected]" -v
  • Check the response to see if the upload is accepted without authentication.
  • Additionally, monitor network traffic for POST requests to `/api/upload` from unauthenticated sources.
Mitigation Strategies

Immediate mitigation steps include restricting access to the `/api/upload` endpoint by implementing authentication and authorization controls.

You should also disable or restrict file uploads until a patch or update is applied.

Monitoring and blocking suspicious upload attempts and reviewing uploaded files for malicious content can help reduce risk.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-69981. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart