What is the CVSS score of CVE-2025-65844?

CVE-2025-65844 has a CVSS 3.1 base score of 7.5 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N. EPSS exploitation probability: 0.1%.

Which versions of Evershop are affected by CVE-2025-65844?

EverShop 2.0.1 contains a critical file upload vulnerability that allows unauthenticated attackers to upload malicious files and exhaust server storage without authentication.

Is there a public PoC exploit available for CVE-2025-65844?

Yes, a public proof-of-concept exploit is available for CVE-2025-65844. Prioritise patching immediately. EPSS: 0.1%.

How to fix or mitigate CVE-2025-65844?

Within 24 hours: Disable or restrict access to the /api/images endpoint via WAF rules or network access controls; audit logs for suspicious upload activity. Within 7 days: Implement strict file type validation, disable directory creation functionality, and enforce authentication on the endpoint. Within 30 days: Upgrade to patched version when available or migrate off EverShop 2.0.1; conduct forensic analysis for any uploaded malicious files.

Evershop CVE-2025-65844

EUVD-2025-200288 HIGH

Unrestricted Upload of File with Dangerous Type (CWE-434)

2025-12-02 cve@mitre.org

File Upload Evershop

7.5

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

High

Availability

None

Lifecycle Timeline

EUVD ID Assigned

Mar 15, 2026 - 14:04 euvd

EUVD-2025-200288

Analysis Generated

Mar 15, 2026 - 14:04 vuln.today

PoC Detected

Dec 06, 2025 - 04:15 vuln.today

Public exploit code

CVE Published

Dec 02, 2025 - 18:15 nvd

HIGH 7.5

DescriptionNVD

EverShop 2.0.1 allows a remote unauthenticated attacker to upload arbitrary files and create directories via the /api/images endpoint. The endpoint is accessible without authentication by default, and server-side validation of uploaded files is insufficient. This can be abused to upload arbitrary content (including non-image files) which could impersonate user/admin login panels (exfiltrating credentials) and to perform a denial-of-service attack by exhausting disk space.

Analysis

Technical ContextAI

Unrestricted file upload allows attackers to upload malicious files (web shells, executables) that can then be executed on the server. This vulnerability is classified as Unrestricted Upload of File with Dangerous Type (CWE-434).

RemediationAI

Validate file types by content (magic bytes), not just extension. Store uploads outside the web root. Use random filenames. Scan uploads for malware.

CVE-2025-65844 vulnerability details – vuln.today

Back

Evershop CVE-2025-65844

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code