EUVD-2026-17267
GHSA-c5c6-37vq-pjcq
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
4Tags
Description
baserCMS is a website development framework. Prior to version 5.2.3, a path traversal vulnerability exists in the theme file management API (/baser/api/admin/bc-theme-file/theme_files/add.json) that allows arbitrary file write. An authenticated administrator can include ../ sequences in the path parameter to create a PHP file in an arbitrary directory outside the theme directory, which may result in remote code execution (RCE). This issue has been patched in version 5.2.3.
Analysis
Authenticated path traversal in baserCMS theme file management API (versions prior to 5.2.3) enables arbitrary file write, allowing administrators to create malicious PHP files outside the theme directory and achieve remote code execution. The vulnerability (CWE-22) requires high privileges (PR:H) but has low attack complexity (AC:L) with network access (AV:N). …
Sign in for full analysis, threat intelligence, and remediation guidance.
Remediation
Within 24 hours: Audit baserCMS installations to identify instances running versions prior to 5.2.3 and document all systems. Within 7 days: Enforce enhanced access controls for administrator accounts, including mandatory multi-factor authentication and IP whitelisting for admin portal access. …
Sign in for detailed remediation steps.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today