CVE-2025-31103

Published Mar 31, 2025

Last updated 4 days ago

CVSS high 7.5

Overview

Description
Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted request may store arbitrary files on the server where the product is running. This can be leveraged to execute an arbitrary script on the server.
Source
vultures@jpcert.or.jp
NVD status
Awaiting Analysis

Risk scores

CVSS 3.0

Type
Secondary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Severity
HIGH

Weaknesses

vultures@jpcert.or.jp
CWE-502

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-31103 🔴 HIGH (7.5) 🏢 appleple inc. - a-blog cms (Ver.3.1.x series) 🏗️ prior to Ver.3.1.37 🔗 https://t.co/L6DbghaaJz 🔗 https://t.co/xzAlFJFncC 🔗 https://t.co/iki7XrPp5Q #CyberCron #VulnAlert #InfoSec https://t.co/GlovJhFi0o

    @cybercronai

    1 Apr 2025

    280 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-31103 Untrusted data deserialization vulnerability exists in a-blog cms. Processing a specially crafted request may store arbitrary files on the server where the product is… https://t.co/InFrjFDy9x

    @CVEnew

    31 Mar 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. A critical zero-day vulnerability (CVE-2025-31103) in a-blog cms enables attackers to exploit untrusted data. Urgent updates are needed to protect web servers from potential script execution. ⚠️ #ABlogCMS #Japan #WebSecurity link: https://t.co/WOvXBEzl5Y https://t.co/yDmBojBVU9

    @TweetThreatNews

    28 Mar 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Zero-Day Alert: CVE-2025-31103 in a-blog CMS exposes web servers to critical attacks. No patch available yet—immediate mitigation required. Monitor for exploitation attempts. Full details: https://t.co/nmgf9EQGMQ #CyberSecurity #ZeroDay

    @adriananglin

    28 Mar 2025

    68 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. a-blog cmsに深刻な脆弱性(CVE-2025-31103)が発見された。信頼されていないデータのデシリアライゼーションに問題があり、細工されたリクエストにより任意のファイルがサーバに保存され、任意コードが実行される恐れがある。すでに攻撃も確認されている。 https://t.co/u61qaJdqHB

    @yousukezan

    28 Mar 2025

    898 Impressions

    1 Retweet

    7 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

References