CVE-2025-3125

Authenticated Arbitrary File Upload in Multiple WSO2 Products via CarbonAppUploader Admin Service Leading to Remote Code Execution

CVSS 6.7 MEDIUMEPSS 0.7%CWE-434

An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE). This functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions.

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L

Produtos afetados

WSO2 · org.wso2.carbon.commons:org.wso2.carbon.application.upload WSO2 · WSO2 API Control Plane WSO2 · WSO2 API Manager WSO2 · WSO2 Enterprise Integrator WSO2 · WSO2 Identity Server WSO2 · WSO2 Identity Server as Key Manager WSO2 · WSO2 Open Banking IAM WSO2 · WSO2 Traffic Manager WSO2 · WSO2 Universal Gateway

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3961/