CVE-2025-29306

Published Mar 27, 2025

Last updated 17 days ago

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-29306 is a vulnerability found in FoxCMS version 1.2.5. It allows a remote attacker to execute arbitrary code through the "case display page" located in the `index.html` component. Specifically, the vulnerability resides within the FoxCMS software. An unauthenticated, remote attacker can exploit this vulnerability to inject and execute arbitrary code on the system by accessing the case display page.

Description
An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component.
Source
cve@mitre.org
NVD status
Undergoing Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-94

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

10

Configurations