How to fix CVE-2025-50187?

Within 24 hours: Identify all Chamilo instances in your environment and document their versions; disable SOAP API endpoints if not actively used; implement network-level access controls to restrict SOAP traffic. Within 7 days: Apply Web Application Firewall (WAF) rules to filter malicious SOAP parameters; conduct vulnerability scanning to detect exploitation attempts; review logs for indicators of compromise. Within 30 days: Upgrade all Chamilo installations to version 1.11.28 or later once released; perform security assessment post-upgrade; implement continuous monitoring for SOAP endpoint abuse.

Is Chamilo Lms affected by CVE-2025-50187?

Chamilo LMS installations prior to version 1.11.28 contain a critical remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands on affected servers.

CVE-2025-50187

CRITICAL

2026-03-02 [email protected]

9.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Analysis Generated

Mar 12, 2026 - 21:55 vuln.today

PoC Detected

Mar 03, 2026 - 19:12 vuln.today

Public exploit code

CVE Published

Mar 02, 2026 - 15:16 nvd

CRITICAL 9.8

Description

Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is evaluated without filtering which leads to Remote Code Execution. This issue has been patched in version 1.11.28.

Analysis

Chamilo LMS prior to 1.11.28 has a code injection through SOAP request parameters enabling remote code execution.

Technical Context

Chamilo < 1.11.28 has a CWE-95 eval injection where SOAP request parameters are evaluated as code, allowing remote code execution.

Affected Products

['Chamilo LMS < 1.11.28']

Remediation

Update Chamilo to 1.11.28+.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.4

CVSS: +49

POC: +20

CVE-2025-50187 vulnerability details – vuln.today

Back

CVE-2025-50187

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

CVE-2025-50187

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Technical Context

Affected Products

Remediation

Priority Score

Share

External POC / Exploit Code