CVE-2025-49141

Опубликовано: 09 июн. 2025

Источник: nvd

CVSS3: 8.5

CVSS3: 8.8

EPSS Низкий

Описание

HAX CMS PHP allows users to manage their microsite universe with a PHP backend. Prior to version 11.0.3, the gitImportSite functionality obtains a URL string from a POST request and insufficiently validates user input. The set_remote function later passes this input into proc_open, yielding OS command injection. An authenticated attacker can craft a URL string that bypasses the validation checks employed by the filter_var and strpos functions in order to execute arbitrary OS commands on the backend server. The attacker can exfiltrate command output via an HTTP request. Version 11.0.3 contains a patch for the issue.

Ссылки

https://github.com/haxtheweb/haxcms-nodejs/commit/5131fea6b6be611db76a618f89bd2e164752e9b3
Patch
https://github.com/haxtheweb/issues/security/advisories/GHSA-g4cf-pp4x-hqgw
Exploit
Issue Tracking
Third Party Advisory
https://github.com/haxtheweb/issues/security/advisories/GHSA-g4cf-pp4x-hqgw
Exploit
Issue Tracking
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:psu:haxcms-nodejs:*:*:*:*:*:node.js:*:*

Версия до 11.0.3 (исключая)

cpe:2.3:a:psu:haxcms-php:*:*:*:*:*:*:*:*

Версия до 11.0.0 (исключая)

EPSS

Процентиль: 69%

0.00591

Низкий

8.5 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-78

Связанные уязвимости

GHSA-g4cf-pp4x-hqgw

CVSS3: 8.5

github

8 месяцев назад

HaxCMS-PHP Command Injection Vulnerability

EPSS

Процентиль: 69%

0.00591

Низкий

8.5 High

CVSS3

8.8 High

CVSS3

Дефекты

CWE-78