What is the CVSS score of CVE-2025-50187?

CVE-2025-50187 has a CVSS 3.1 base score of 9.8 (Critical). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 0.4%.

Which versions of Chamilo Lms are affected by CVE-2025-50187?

Chamilo LMS installations prior to version 1.11.28 contain a critical remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands on affected servers.

Is there a public PoC exploit available for CVE-2025-50187?

Yes, a public proof-of-concept exploit is available for CVE-2025-50187. Prioritise patching immediately. EPSS: 0.4%.

How to fix or mitigate CVE-2025-50187?

Within 24 hours: Identify all Chamilo instances in your environment and document their versions; disable SOAP API endpoints if not actively used; implement network-level access controls to restrict SOAP traffic. Within 7 days: Apply Web Application Firewall (WAF) rules to filter malicious SOAP parameters; conduct vulnerability scanning to detect exploitation attempts; review logs for indicators of compromise. Within 30 days: Upgrade all Chamilo installations to version 1.11.28 or later once released; perform security assessment post-upgrade; implement continuous monitoring for SOAP endpoint abuse.

Chamilo Lms CVE-2025-50187

CRITICAL

Eval Injection (CWE-95)

2026-03-02 security-advisories@github.com

RCE Chamilo Lms

9.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Mar 03, 2026 - 19:12 vuln.today

Public exploit code

CVE Published

Mar 02, 2026 - 15:16 nvd

CRITICAL 9.8

DescriptionNVD

Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is evaluated without filtering which leads to Remote Code Execution. This issue has been patched in version 1.11.28.

AnalysisAI

Chamilo LMS prior to 1.11.28 has a code injection through SOAP request parameters enabling remote code execution.

Technical ContextAI

Chamilo < 1.11.28 has a CWE-95 eval injection where SOAP request parameters are evaluated as code, allowing remote code execution.

RemediationAI

Update Chamilo to 1.11.28+.

CVE-2025-50187 vulnerability details – vuln.today

Back

Chamilo Lms CVE-2025-50187

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code