EUVD-2025-208950
CVSS Vector
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
4Tags
Description
Census CSWeb 8.0.1 allows arbitrary file upload. A remote, authenticated attacker could upload a malicious file, possibly leading to remote code execution. Fixed in 8.1.0 alpha.
Analysis
Census CSWeb 8.0.1 contains an arbitrary file upload vulnerability allowing authenticated remote attackers to upload malicious files and achieve remote code execution. A public proof-of-concept exploit is available on GitHub (hx381/cspro-exploits), significantly increasing the risk of exploitation. The vulnerability affects the Census CSWeb data dissemination platform used for hosting census and survey data online.
Technical Context
Census CSWeb is a web-based data dissemination platform for census and survey microdata. The vulnerability is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type), meaning the application fails to properly validate uploaded file types, extensions, or content before storing them in an accessible location. The affected product is identified via CPE as cpe:2.3:a:census:csweb:*:*:*:*:*:*:*:* with versions up to and including 8.0.1. This class of vulnerability typically arises from insufficient server-side validation of file uploads, allowing attackers to bypass client-side restrictions and upload executable files (such as web shells, scripts, or binaries) that can be triggered to execute arbitrary code on the server.
Affected Products
Census CSWeb versions up to and including 8.0.1 are vulnerable to this arbitrary file upload issue. The affected product is identified through CPE string cpe:2.3:a:census:csweb:*:*:*:*:*:*:*:*. The vulnerability was addressed in version 8.1.0 alpha according to the CVE description. A commit fixing the issue can be reviewed at https://github.com/csprousers/csweb/commit/eba0b59a243390a1a4f9524cce6dbc0314bf0d91 on the CSWeb GitHub repository. Additional technical details and CISA's security advisory are available at https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-082-01.json.
Remediation
Upgrade Census CSWeb to version 8.1.0 alpha or later immediately, as documented in the patch commit at https://github.com/csprousers/csweb/commit/eba0b59a243390a1a4f9524cce6dbc0314bf0d91. Organizations should review the CISA advisory at https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-082-01.json for additional guidance. Until patching is complete, implement compensating controls including restricting file upload functionality to only highly trusted administrator accounts, deploying web application firewall rules to block suspicious file extensions and MIME types, implementing strict file type validation and content inspection, and monitoring upload directories for unexpected files or web shells. Network segmentation should isolate CSWeb instances from critical infrastructure, and authentication should be reviewed to ensure no default or weak credentials exist that could satisfy the low privilege requirement for exploitation.
Priority Score
Share
External POC / Exploit Code
Leaving vuln.today