CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Description
The "Functions" module in Raytha CMS allows privileged users to write custom code that adds functionality to the application. Due to a lack of sandboxing or access restrictions, JavaScript code executed through Raytha's "Functions" feature can instantiate .NET components and perform arbitrary operations within the application's hosting environment. This issue was fixed in version 1.4.6.
Analysis
A code injection vulnerability in Raytha CMS's Functions module allows privileged users to execute arbitrary .NET operations through unrestricted JavaScript code execution, because the module applies no sandboxing or access restrictions to the code it runs. The vulnerability affects Raytha CMS versions prior to 1.4.6 and enables authenticated administrators to compromise the application's hosting environment. No active exploitation has been reported (not in KEV), no public POC is available, and EPSS data is not yet available for this recently disclosed vulnerability.
Technical Context
The vulnerability exists in Raytha CMS, an open-source content management system, specifically within its Functions module that allows custom JavaScript code execution. The root cause is CWE-94 (Improper Control of Generation of Code), where user-supplied JavaScript code can instantiate .NET Framework components without proper sandboxing or access controls. This architectural flaw allows JavaScript code to break out of its intended execution boundary and interact directly with the underlying .NET runtime, enabling arbitrary operations within the application's hosting environment.
Affected Products
Raytha CMS versions prior to 1.4.6 are affected by this vulnerability. The issue is fixed in version 1.4.6; specific CPE identifiers are not provided in the available data. Organizations using Raytha CMS should verify their installed version and refer to the official Raytha CMS release notes or security advisories for detailed version information.
Remediation
Upgrade Raytha CMS to version 1.4.6 or later, which contains the fix for this vulnerability. As a temporary mitigation until patching is possible, restrict access to the Functions module to only the most trusted administrators and implement additional monitoring for any custom function creation or modification. Organizations should also review any existing custom functions for potentially malicious code and audit administrator account access logs for suspicious activity.
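The missing sandboxing described under Technical Context, shown as an added example that is not Raytha's own code: it assumes the embedded JavaScript engine is Jint (the page does not name the engine Raytha uses) and contrasts an engine built with CLR access enabled against one with CLR access off, resource limits, and a single host-chosen capability; the `getContent` delegate is a hypothetical placeholder for whatever the host legitimately needs to expose.

```csharp
using System;
using Jint;
using Jint.Runtime;

// Added example, not Raytha code. Assumes Jint as the embedded engine;
// the option names used here are Jint 3.x APIs.
public static class FunctionsHost
{
    // Weak configuration: AllowClr() lets script code reach arbitrary .NET
    // types, so any "sandboxing" of the JavaScript is only nominal.
    public static Engine CreateUnrestrictedEngine() =>
        new Engine(options => options.AllowClr());

    // Hardened configuration: CLR access stays off (Jint's default), scripts
    // get a statement, recursion, time and memory budget, and the only host
    // capability is one delegate the host explicitly chooses to expose.
    public static Engine CreateRestrictedEngine(Func<string, string> getContent)
    {
        var engine = new Engine(options =>
        {
            options.Strict();
            options.MaxStatements(10_000);
            options.LimitRecursion(64);
            options.TimeoutInterval(TimeSpan.FromSeconds(2));
            options.LimitMemory(4_000_000);
        });
        // Expose one narrowly scoped function instead of the whole runtime.
        engine.SetValue("getContent", getContent);
        return engine;
    }

    // Runs a stored custom function and returns its result as a string, or
    // null if it failed or hit a limit. Both outcomes are worth logging, since
    // a custom function that tries to reach .NET types fails here with a
    // "not defined" script error rather than succeeding silently.
    public static string RunFunction(Engine engine, string source)
    {
        try
        {
            return engine.Evaluate(source).ToString();
        }
        catch (JavaScriptException ex)   // script-level error
        {
            Console.Error.WriteLine($"custom function failed: {ex.Message}");
            return null;
        }
        catch (Exception ex)             // statement/recursion/memory/time limit
        {
            Console.Error.WriteLine($"custom function aborted: {ex.GetType().Name}");
            return null;
        }
    }
}
```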
EUVD-2025-208697