exploitDog

CVE-2025-46080

Опубликовано: 29 мая 2025

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server.

Ссылки

https://github.com/yggcwhat/CVE-2025-46080/
Exploit
Third Party Advisory
https://github.com/yggcwhat/test2/blob/main/README.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:huocms:huocms:3.5.1:*:*:*:*:*:*:*

EPSS

Процентиль: 18%

0.00058

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-hq4x-qvjp-878v

CVSS3: 5.3

github

8 месяцев назад

HuoCMS V3.5.1 has a File Upload Vulnerability. An attacker can exploit this flaw to bypass whitelist restrictions and craft malicious files with specific suffixes, thereby gaining control of the server.

EPSS

Процентиль: 18%

0.00058

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-434