CVE-2025-67260
File Upload Vulnerability in Terrapack Enables Remote Code Execution
Publication date: 2026-03-20
Last updated on: 2026-04-14
Assigner: MITRE
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| aster-te | terrapack_tkservercgi | 2.5.4.150 |
| aster-te | terrapack_tkwebcoreng | 1.0.20200914 |
| aster-te | terrapack_tpkwebgis | 1.0.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
Can you explain this vulnerability to me?
The CVE-2025-67260 vulnerability affects the Terrapack software suite developed by ASTER TEC / ASTER S.p.A., specifically the components Terrapack TkWebCoreNG version 1.0.20200914, TKServerCGI version 2.5.4.150, and TpkWebGIS - Client version 1.0.0.
This vulnerability is an arbitrary file upload flaw located in the web application's file upload and import functionality, particularly in the "TkWebCoreNG/InputOutputFile.php" script. The script lacks adequate server-side validation to restrict the types of files users can upload.
Uploaded files are stored in the "TkRepository" directory without proper sanitization or access controls, allowing an attacker with access to the platform to upload malicious files. This can potentially lead to Remote Code Execution (RCE) if the attacker gains access to the directory where files are stored.
The vulnerability has a high severity rating with a CVSSv3 score of 8.8, indicating it can be exploited remotely over the network with low attack complexity and limited privileges, resulting in full confidentiality, integrity, and availability impact. [4]
How can this vulnerability impact me?
This vulnerability can allow attackers to upload arbitrary malicious files to the Terrapack system, which may lead to Remote Code Execution (RCE).
Exploitation of this flaw can result in an attacker gaining control over the affected system, compromising confidentiality, integrity, and availability of data and services.
Because the vulnerability can be exploited remotely with low complexity and limited privileges, it poses a significant risk to systems running vulnerable Terrapack components, especially if exposed externally without adequate security measures.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
The vulnerability exists in the Terrapack software suite, specifically in the file upload functionality of the TkWebCoreNG/InputOutputFile.php script, which lacks proper validation and allows arbitrary file uploads.
To detect this vulnerability on your system, you should first identify if any of the vulnerable Terrapack components are installed, such as Terrapack TkWebCoreNG version 1.0.20200914, TKServerCGI version 2.5.4.150, or TpkWebGIS Client version 1.0.0.
You can check for the presence of these components by searching for their installation directories or files related to TkWebCoreNG/InputOutputFile.php and the TkRepository directory where uploaded files are stored.
Commands and checks that help detect exposure to this vulnerability include:
- On Linux systems, use: `find / -name InputOutputFile.php` to locate the vulnerable script.
- Check for suspicious or unexpected files in the TkRepository directory: `ls -l /path/to/TkRepository`.
- Monitor web server logs for unusual file upload activity targeting the InputOutputFile.php endpoint.
- Use network monitoring tools to detect attempts to upload files via HTTP POST requests to the vulnerable components.
Note that the vulnerability requires at least limited privileges (PR:L) and is exploitable remotely, so monitoring access logs and file system changes is critical.
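The log monitoring and repository audit described above, as an added defender-side example (not code from the page or from the vendor): it parses constructed Apache-style access log lines for POST requests to the InputOutputFile.php endpoint and flags files in a TkRepository listing whose extension is not in an allowlist or that carry a server-executable extension anywhere in the name. The allowlist, the executable-extension set and the sample log lines are assumptions to be adjusted to your deployment.

```python
import re
from pathlib import Path

# Constructed sample access log lines (Apache combined format); not real traffic.
SAMPLE_LOG = """\
10.0.0.5 - - [20/Mar/2026:10:01:02 +0000] "GET /TkWebCoreNG/index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
10.0.0.5 - - [20/Mar/2026:10:01:09 +0000] "POST /TkWebCoreNG/InputOutputFile.php HTTP/1.1" 200 88 "-" "Mozilla/5.0"
10.0.0.7 - - [20/Mar/2026:10:02:30 +0000] "POST /TkWebCoreNG/InputOutputFile.php?op=import HTTP/1.1" 200 91 "-" "python-requests/2.31"
10.0.0.8 - - [20/Mar/2026:10:03:00 +0000] "GET /TkRepository/report.pdf HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
"""

# Fields of the combined log format we need: client IP, timestamp, method, path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)

UPLOAD_SCRIPT = "InputOutputFile.php"  # the upload/import endpoint named in the advisory


def find_upload_requests(lines):
    """Return (ip, timestamp, status) for every POST to the InputOutputFile.php endpoint."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if m is None:
            continue  # malformed or non-matching line; skip rather than crash
        path = m["path"].split("?", 1)[0]  # drop the query string before comparing
        if m["method"] == "POST" and path.endswith("/" + UPLOAD_SCRIPT):
            hits.append((m["ip"], m["ts"], int(m["status"])))
    return hits


# Assumed allowlist of data types a GIS repository legitimately holds; tune per deployment.
ALLOWED_EXT = {".pdf", ".csv", ".txt", ".zip", ".png", ".jpg", ".shp", ".shx", ".dbf", ".prj", ".geojson"}
# Assumed set of extensions a web server may execute; any occurrence in the name is flagged,
# so double extensions such as "report.pdf.php" or "shell.php.pdf" are caught too.
SERVER_EXEC_EXT = {".php", ".phtml", ".phar", ".cgi", ".sh"}


def suspicious_repository_files(names):
    """Return file names from a TkRepository listing that should be reviewed by hand."""
    flagged = []
    for name in names:
        suffixes = [s.lower() for s in Path(name).suffixes]
        no_or_unknown_ext = not suffixes or suffixes[-1] not in ALLOWED_EXT
        executable_part = any(s in SERVER_EXEC_EXT for s in suffixes)
        if no_or_unknown_ext or executable_part:
            flagged.append(name)
    return flagged


if __name__ == "__main__":
    for ip, ts, status in find_upload_requests(SAMPLE_LOG.splitlines()):
        print(f"upload request from {ip} at {ts} -> HTTP {status}")
    print(suspicious_repository_files(["map.geojson", "cmd.php", "report.pdf.php", "shell.php.pdf"]))
```

In production, feed the functions the real access log and the output of the `ls -l /path/to/TkRepository` check from the list above, and alert on any hit from a client that is not an expected Terrapack user.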
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include restricting access to the vulnerable Terrapack components, especially the file upload functionality.
Since the vendor recommends operating Terrapack in secure, preferably air-gapped environments, ensure that the affected systems are not exposed to untrusted networks.
- Limit network access to the Terrapack services by using firewalls or network segmentation.
- Implement strict access controls and authentication to prevent unauthorized users from uploading files.
- Monitor and audit file uploads to detect and block malicious files.
- If possible, disable or restrict the vulnerable file upload functionality until a patch or update is available.
Contact the vendor or check official channels for patches or updates addressing this vulnerability.