What is the CVSS score of EUVD-2025-18568?

EUVD-2025-18568 has a CVSS 3.1 base score of 8.8 (High). CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. EPSS exploitation probability: 78.7%.

Which versions of Experience Manager are affected by EUVD-2025-18568?

Sitecore PowerShell Extensions versions through 7.0 contain a critical file upload vulnerability that allows authenticated attackers to execute arbitrary code on affected servers.

Is there a public PoC exploit available for EUVD-2025-18568?

Yes, a public proof-of-concept exploit is available for EUVD-2025-18568. Prioritise patching immediately. EPSS: 78.7%.

How to fix or mitigate EUVD-2025-18568?

Within 24 hours: Identify all Sitecore instances with PowerShell Extensions installed and document version numbers; restrict administrative access to the extension and monitor for suspicious file uploads. Within 7 days: Implement WAF rules to block suspicious upload requests to PowerShell Extensions endpoints; consider disabling the extension if business operations permit. Within 30 days: Monitor vendor communications for patch availability; evaluate architectural changes to segment Sitecore infrastructure and implement compensating controls; conduct forensic review for unauthorized file uploads or code execution.

Experience Manager EUVD-2025-18568

| CVE-2025-34511 HIGH

Unrestricted Upload of File with Dangerous Type (CWE-434)

2025-06-17 disclosure@vulncheck.com

File Upload RCE Experience Manager Experience Commerce Experience Platform Managed Cloud

8.8

CVSS 3.1 · NVD

Severity by source

NVD PRIMARY

8.8 HIGH

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

EUVD ID Assigned

Mar 14, 2026 - 22:15 euvd

EUVD-2025-18568

Analysis Generated

Mar 14, 2026 - 22:15 vuln.today

PoC Detected

Sep 08, 2025 - 19:10 vuln.today

Public exploit code

CVE Published

Jun 17, 2025 - 19:15 nvd

HIGH 8.8

DescriptionCVE.org

Sitecore PowerShell Extensions, an add-on to Sitecore Experience Manager (XM) and Experience Platform (XP), through version 7.0 is vulnerable to an unrestricted file upload issue. A remote, authenticated attacker can upload arbitrary files to the server using crafted HTTP requests, resulting in remote code execution.

AnalysisAI

Sitecore PowerShell Extensions through version 7.0 allows authenticated users to upload arbitrary files including ASPX webshells via crafted HTTP requests. The unrestricted file upload bypasses content type restrictions, enabling remote code execution on the Sitecore IIS server with any authenticated account.

Technical ContextAI

Sitecore PowerShell Extensions (SPE) adds PowerShell scripting capabilities to the Sitecore CMS. The file upload functionality fails to properly restrict uploaded file types, allowing .aspx files to be uploaded and placed in web-accessible directories. An attacker with any authenticated Sitecore account can upload a webshell that executes with the IIS application pool identity.

RemediationAI

Update Sitecore PowerShell Extensions beyond version 7.0. Restrict SPE access to trusted administrators only. Configure IIS to prevent script execution in upload directories. Monitor Sitecore file system for unexpected .aspx file creation.

EUVD-2025-18568 vulnerability details – vuln.today

Back

Experience Manager EUVD-2025-18568

Severity by source

CVSS VectorNVD

Lifecycle Timeline

DescriptionCVE.org

AnalysisAI

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code