CRITICAL🇵🇱 Wersja polska

CVE-2025-65474

CVSS 9.8v3.1pub. 2025-12-11upd. 2025-12-19

An arbitrary file rename vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below allows attackers to execute arbitrary code via renaming a PHP file to a SVG format.

🤖 AI Analysis
How it works

The attacker exploits the file renaming function available in the /admin/manager.php component by renaming a previously uploaded PHP file to an SVG extension. The application's mechanism improperly handles this type of operation (CWE-706 – use of improperly resolved name or reference), failing to verify the actual file content after renaming. As a result, the file with PHP code remains executable by the server despite the extension change, enabling RCE. The vulnerability is also related to CWE-434, which is the lack of restrictions on uploading dangerous file types.

Impact

An attacker can execute arbitrary code on the server side, which leads to full takeover of the application and potentially the entire system – including breach of confidentiality, integrity, and availability of data.

Mitigation & patch

Patches available from the vendor should be applied according to the references. Additionally, it is recommended to restrict access to the admin panel (/admin/) exclusively to trusted IP addresses and to verify the server for the presence of suspicious SVG files in publicly accessible directories.

Who is affected

EasyImages 2.0 version 2.8.6 and all earlier versions (Easyimages2.0 Project).

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Easyimages2.0 Project Easyimages2.0

    APP
    Easyimages2.0 Project
    ≤ 2.8.6
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-65473CRITICAL9.1PL ✓ten sam produkt

EasyImages 2.0 — arbitrary file rename umożliwiający RCE przez spreparowaną nazwę pliku

CVE-2025-65471HIGH8.8ten sam produkt

An arbitrary file upload vulnerability in the /admin/manager.php component of EasyImages 2.0 v2.8.6 and below ...

CVE-2025-65472HIGH8.8ten sam produkt

A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below a...

CVE-2025-13415MEDIUM5.1ten sam produkt

A vulnerability was identified in icret EasyImages up to 2.8.6. This affects an unknown part of the file /app/...

CVE-2023-33599MEDIUM6.1ten sam produkt

EasyImages2.0 ≤ 2.8.1 is vulnerable to Cross Site Scripting (XSS) via viewlog.php.