CVE-2025-0471

EPSS 0.56%
Veröffentlicht 16.01.2025 13:15:06
Zuletzt bearbeitet 07.05.2025 16:24:19
Quelle cve-coordination@incibe.es
CVE-Watchlists
Login
Unerledigt
Login

Unrestricted Upload of File with Dangerous Type vulnerability in PMB platform

Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. This vulnerability could allow an attacker to upload a file to gain remote access to the machine, being able to access, modify and execute commands freely.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 1 VulnDex Vulnerability Enrichment 1

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Sigb ≫ Pmb Version >= 4.0.10

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.56%	0.421

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cve-coordination@incibe.es	9.9	3.1	6	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-pmb-platform

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-0471

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-0471

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-0471

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-0471