CVE-2019-25480
Received Received - Intake
Unrestricted File Upload in ARMBot upload.php Enables RCE

Publication date: 2026-03-11

Last updated on: 2026-03-11

Assigner: VulnCheck

Description
ARMBot contains an unrestricted file upload vulnerability in upload.php that allows unauthenticated attackers to upload arbitrary files by manipulating the file parameter with path traversal sequences. Attackers can upload PHP files with traversal payloads ../public_html/ to write executable code to the web root and achieve remote code execution.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-11
Last Modified
2026-03-11
Generated
2026-06-16
AI Q&A
2026-03-11
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25480
EUVD
EUVD-2019-19760
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-22 The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': "This vulnerability exists in ARMBot's upload.php script, where there is an unrestricted file upload flaw. An unauthenticated attacker can manipulate the file parameter using path traversal sequences to upload arbitrary files, including PHP scripts, to the web root directory."}, {'type': 'paragraph', 'content': 'By exploiting this, the attacker can place executable PHP code on the server, which can then be accessed and run remotely, leading to remote code execution on the affected system.'}, {'type': 'paragraph', 'content': 'A proof-of-concept exploit demonstrates sending a specially crafted POST request that uploads a PHP shell file into a web-accessible directory, confirming the ability to execute arbitrary code remotely.'}] [1]

Impact Analysis

[{'type': 'paragraph', 'content': 'This vulnerability allows attackers to execute arbitrary code on the affected server without authentication.'}, {'type': 'list_item', 'content': "Attackers can upload malicious PHP files that run with the server's privileges."}, {'type': 'list_item', 'content': 'This can lead to full compromise of the server, including data theft, server manipulation, or using the server as a launchpad for further attacks.'}, {'type': 'list_item', 'content': 'Since the vulnerability requires no user interaction or privileges, it is highly critical and can be exploited remotely.'}] [1]

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by attempting to upload a PHP file using the vulnerable upload.php script with a manipulated file parameter containing path traversal sequences. A practical approach is to send a POST request to the upload.php endpoint with crafted form data that tries to place a PHP shell in a web-accessible directory.'}, {'type': 'paragraph', 'content': "For example, using a Python script with the requests library, you can send a POST request to the vulnerable URL with the 'file' parameter set to a path traversal payload like '../public_html/lol/../.s.phtml' and the 'data' parameter containing a base64-encoded PHP payload such as '<?php echo 1; ?>'."}, {'type': 'paragraph', 'content': "After the upload attempt, check if the PHP shell is accessible by navigating to the uploaded file's URL (e.g., http://{host}/.s.phtml). If the PHP code executes and returns the expected output, the vulnerability is present."}, {'type': 'paragraph', 'content': 'Alternatively, you can use curl commands to simulate the POST request with the crafted parameters to test the upload functionality.'}] [1]

Mitigation Strategies

I don't know

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25480. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart