exploitDog

CVE-2025-2032

Опубликовано: 06 мар. 2025

Источник: nvd

CVSS3: 3.5

CVSS2: 2.7

EPSS Низкий

Описание

A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be used.

Ссылки

https://github.com/IceFoxH/VULN/issues/7
Exploit
https://vuldb.com/?ctiid.298774
Permissions Required
VDB Entry
https://vuldb.com/?id.298774
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.512030
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:1000mz:chestnutcms:1.5.2:*:*:*:*:*:*:*

EPSS

Процентиль: 27%

0.00097

Низкий

3.5 Low

CVSS3

2.7 Low

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-8f74-hp4g-75m2

CVSS3: 3.5

github

11 месяцев назад

A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability affects the function renameFile of the file /cms/file/rename. The manipulation of the argument rename leads to path traversal. The exploit has been disclosed to the public and may be used.

EPSS

Процентиль: 27%

0.00097

Низкий

3.5 Low

CVSS3

2.7 Low

CVSS2

Дефекты

CWE-22