CVE-2025-66294

Опубликовано: 01 дек. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Server-Side Template Injection (SSTI) vulnerability exists in Grav that allows authenticated attackers with editor permissions to execute arbitrary commands on the server and, under certain conditions, may also be exploited by unauthenticated attackers. This vulnerability stems from weak regex validation in the cleanDangerousTwig method. This vulnerability is fixed in 1.8.0-beta.27.

Ссылки

https://github.com/getgrav/grav/commit/e37259527d9c1deb6200f8967197a9fa587c6458
Patch
https://github.com/getgrav/grav/security/advisories/GHSA-662m-56v4-3r8f
Exploit
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:getgrav:grav:*:*:*:*:*:*:*:*

Версия от 1.7.48 (включая) до 1.8.0 (исключая)

cpe:2.3:a:getgrav:grav:1.8.0:beta1:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta10:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta11:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta12:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta13:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta14:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta15:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta16:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta17:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta18:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta19:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta2:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta20:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta21:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta22:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta23:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta24:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta25:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta26:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta3:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta4:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta5:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta6:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta7:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta8:*:*:*:*:*:*

cpe:2.3:a:getgrav:grav:1.8.0:beta9:*:*:*:*:*:*

EPSS

Процентиль: 39%

0.00169

Низкий

8.8 High

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-662m-56v4-3r8f

github

17 дней назад

Grav is vulnerable to RCE via SSTI through Twig Sandbox Bypass