CVE-2018-25388
Deferred Deferred - Pending Action
Arbitrary File Upload in HaPe PKH 1.1

Publication date: 2026-05-29

Last updated on: 2026-05-29

Assigner: VulnCheck

Description
HaPe PKH 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by bypassing file type validation. Attackers can upload PHP files through multiple endpoints including aksi_foto.php, aksi_user.php, and aksi_kecamatan.php to execute arbitrary code on the server.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-29
Last Modified
2026-05-29
Generated
2026-06-19
AI Q&A
2026-05-29
EPSS Evaluated
2026-06-18
NVD
CVE-2018-25388
EUVD
EUVD-2018-21910
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
hape pkh 1.1
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

HaPe PKH version 1.1 contains an arbitrary file upload vulnerability that allows authenticated attackers to bypass file type validation and upload malicious files.

Attackers can upload PHP files through multiple endpoints such as aksi_foto.php, aksi_user.php, and aksi_kecamatan.php.

This enables the execution of arbitrary code on the server, potentially compromising the system.

Impact Analysis

Successful exploitation of this vulnerability allows attackers to execute arbitrary code on the server.

This can lead to full system compromise, including unauthorized access, data theft, or disruption of services.

Detection Guidance

This vulnerability can be detected by checking for the presence of uploaded PHP files in directories related to the HaPe PKH application, especially through the endpoints aksi_foto.php, aksi_user.php, and aksi_kecamatan.php.

You can look for suspicious PHP files in upload directories such as /hape-pkh/gambar-konten/ which may indicate exploitation attempts.

Suggested commands to detect potential exploitation include:

  • Using find command on the server to locate PHP files in upload directories: find /path/to/hape-pkh/ -type f -name "*.php"
  • Checking web server logs for POST requests to aksi_foto.php, aksi_user.php, and aksi_kecamatan.php endpoints that may indicate file uploads.
  • Using network monitoring tools to detect unusual HTTP POST requests to these endpoints.
Mitigation Strategies

Immediate mitigation steps include restricting or disabling file uploads through the vulnerable endpoints (aksi_foto.php, aksi_user.php, and aksi_kecamatan.php) until a patch or fix is applied.

Implement strict server-side validation to ensure only allowed file types are accepted, preventing PHP or other executable files from being uploaded.

Review and remove any suspicious PHP files found in upload directories to prevent code execution.

Limit user privileges to reduce the risk of authenticated attackers exploiting the vulnerability.

Monitor server logs and network traffic for signs of exploitation attempts.

Compliance Impact

The provided information does not specify how the arbitrary file upload vulnerability in HaPe PKH 1.1 directly affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2018-25388. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart