CVE-2025-25765

CVSS 3.1 Score 4 of 10 (medium)

Details

Published Feb 21, 2025

Updated: Mar 3, 2025

Summary

CVE-2025-25765 is a newly disclosed vulnerability affecting the MRCMS v3.1.2 software. This issue allows an attacker to write arbitrary files via the component /file/save.do, posing a significant risk for unauthorized data modification or system compromise. The vulnerability can be exploited remotely, making it crucial for users to apply the necessary patches as soon as possible to mitigate the risk. Failure to address this issue may result in data loss or unauthorized access to sensitive information.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3IEfA8
https://www.cve.org/CVERecord?id=CVE-2025-25765
https://nvd.nist.gov/vuln/detail/CVE-2025-25765

Back to Vulnerability Database

CVE-2025-25765

CVSS 3.1 Score 4 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations