CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Description (NVD)
docuFORM Managed Print Service Client 11.11c is vulnerable to arbitrary file upload via pmupdate.php.
Analysis (AI-generated)
docuFORM Managed Print Service Client 11.11c allows authenticated remote attackers to upload arbitrary files via the pmupdate.php endpoint, enabling potential remote code execution or system compromise. The vulnerability requires valid user credentials (PR:L per CVSS) but no user interaction, and affects confidentiality, integrity, and availability. No public exploit code or active exploitation had been confirmed at the time of analysis.
Technical Context (AI-generated)
The vulnerability resides in the pmupdate.php file, a component of the PHP-based docuFORM Managed Print Service Client. The root cause is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type), indicating insufficient validation or sanitization of file uploads. Authenticated users can bypass file type restrictions or upload filters on this endpoint, potentially allowing execution of arbitrary server-side code if uploaded files are accessible via the web root or processed by the PHP interpreter. The Managed Print Service architecture typically manages printer fleet operations and client configurations, making this endpoint a natural target for deploying malicious payloads.
Remediation (AI-generated)
Apply the vendor patch from docuFORM, reported as version 12.0 or later, if available (the exact patched version is not confirmed in the provided data). Contact docuFORM support to obtain the current patched release. In the interim, implement network-level access controls that restrict pmupdate.php to trusted administrators only: use a Web Application Firewall (WAF) to block POST/PUT requests to pmupdate.php from non-administrative IP ranges, or disable the pmupdate.php endpoint entirely if auto-update functionality is not required (trade-off: loss of remote update capability). Enforce strong authentication policies for docuFORM user accounts to reduce the likelihood of credential compromise. Monitor access logs for pmupdate.php for unusual file upload patterns or failed attempts. Audit the docuFORM web server's upload directory to confirm no malicious files have already been deployed.
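The two monitoring steps above (watching access logs for upload traffic to pmupdate.php and auditing the upload directory) can be scripted. The following is an added example written for this page, not docuFORM's code or any vuln.today tooling: it parses constructed combined-format access-log lines, flags POST/PUT requests to pmupdate.php from outside a hypothetical administrative range and any failed (4xx/5xx) requests to that path, and checks a list of upload-directory file names for extensions a PHP-enabled web root could execute. The admin network, the log lines and the file names are all constructed assumptions to adapt to your environment.

```python
"""Defensive triage helpers for the pmupdate.php upload endpoint (added example)."""
import re
from ipaddress import ip_address, ip_network

# Hypothetical administrative source ranges; replace with your own.
ADMIN_NETS = [ip_network("203.0.113.0/24")]
WATCHED_PATH = "/pmupdate.php"
# Extensions a PHP-enabled web root would typically hand to the interpreter.
DANGEROUS_EXTS = (".php", ".phtml", ".phar")

# Constructed sample log lines in Apache/nginx combined format (not real traffic).
SAMPLE_LOG = """\
203.0.113.10 - admin [12/Mar/2025:10:01:02 +0000] "POST /pmupdate.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - operator [12/Mar/2025:10:05:44 +0000] "POST /pmupdate.php HTTP/1.1" 200 2048 "-" "python-requests/2.31"
198.51.100.7 - operator [12/Mar/2025:10:05:50 +0000] "GET /pmupdate.php HTTP/1.1" 403 0 "-" "python-requests/2.31"
203.0.113.10 - admin [12/Mar/2025:10:10:00 +0000] "GET /index.php HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
"""

# client ident user [time] "METHOD PATH PROTO" status bytes ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)


def parse_line(line):
    """Return a dict of the fields we need, or None for lines that do not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    rec["path"] = rec["path"].split("?", 1)[0]  # ignore query strings when matching the path
    return rec


def is_admin_source(ip):
    """True if the client address falls inside one of the trusted admin ranges."""
    try:
        addr = ip_address(ip)
    except ValueError:
        return False
    return any(addr in net for net in ADMIN_NETS)


def find_suspicious(lines):
    """Flag upload requests to pmupdate.php from non-admin sources and failed requests to it."""
    findings = []
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["path"] != WATCHED_PATH:
            continue
        reasons = []
        if rec["method"] in ("POST", "PUT") and not is_admin_source(rec["ip"]):
            reasons.append("upload from non-admin source")
        if rec["status"] >= 400:
            reasons.append(f"failed request (HTTP {rec['status']})")
        if reasons:
            findings.append({
                "ip": rec["ip"], "user": rec["user"], "time": rec["time"],
                "method": rec["method"], "reasons": reasons,
            })
    return findings


def audit_upload_names(names):
    """Return file names in the upload directory that the web server might execute.

    Matching on the trailing extension also catches double extensions such as
    "firmware.bin.php"; the comparison is case-insensitive.
    """
    return [n for n in names if n.lower().endswith(DANGEROUS_EXTS)]


if __name__ == "__main__":
    for f in find_suspicious(SAMPLE_LOG.splitlines()):
        print(f"{f['time']} {f['ip']} {f['user']} {f['method']}: {', '.join(f['reasons'])}")
    # Constructed directory listing standing in for os.listdir(upload_dir).
    print("risky uploads:", audit_upload_names(["update.bin", "update.php", "notes.txt", "x.PHTML"]))
```

Run it against a real log with `find_suspicious(open(path).readlines())` and against the real upload directory with `audit_upload_names(os.listdir(upload_dir))`; a non-empty result from either is the cue to pull the request details or the file for closer inspection.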
References
EUVD-2025-209775
GHSA-6gvc-vcj7-frw3