CRITICAL🇵🇱 Wersja polska

CVE-2025-7063

CVSS 10.0v4.0pub. 2025-09-30upd. 2025-11-26

Due to client-controlled permission check parameter, PAD CMS's file upload functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, which can then be executed leading to Remote Code Execution. This issue affects all 3 templates: www, bip and ww+bip. This product is End-Of-Life and producent will not publish patches for this vulnerability.

🤖 AI Analysis
How it works

The permission verification mechanism during file uploads is controlled on the client side, meaning an attacker can modify the parameter responsible for permission verification and bypass all restrictions. As a result, it is possible to upload a file of any extension — including executable scripts — without needing any account in the system. After uploading such a file, the attacker can trigger its execution on the server, gaining remote control over the system (RCE). The problem affects all three system templates: www, bip, and ww+bip.

Impact

An unauthenticated attacker can gain full remote control over the server (RCE), including the ability to execute arbitrary commands, steal data, and perform lateral movement within the internal network.

Mitigation & patch

The vendor will not publish patches for this vulnerability due to the End-Of-Life status of the product. It is recommended to immediately disable or isolate PAD CMS instances from the public network and migrate to an actively supported system. As interim measures, consider blocking access to upload functionality at the firewall or web server level and implementing restrictive access controls to directories containing user-uploaded files.

Who is affected

Widzialni PAD CMS — all three templates: www, bip, and ww+bip. The product is marked as End-Of-Life.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Widzialni Pad Cms

    APP
    Widzialni
    ≤ 1.2.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-7065CRITICAL10.0PL ✓ten sam produkt

PAD CMS – nieograniczony upload plików prowadzący do RCE

CVE-2025-8120CRITICAL10.0PL ✓ten sam produkt

Unrestricted File Upload z RCE w Widzialni PAD CMS (brak uwierzytelnienia)

CVE-2025-8122HIGH8.7ten sam produkt

Improper neutralization of input provided by an authorized user in article positioning functionality allows fo...

CVE-2025-8117HIGH8.7ten sam produkt

PAD CMS improperly initializes parameter used for password recovery, which allows to change password for any u...

CVE-2025-8121HIGH8.7ten sam produkt

Improper neutralization of input provided by an authorized user in article positioning functionality allows fo...