Skip to main content

EUVD-2025-208950

| CVE-2025-60947 HIGH
Unrestricted Upload of File with Dangerous Type (CWE-434)
2026-03-23 cisa-cg
RCE File Upload
8.7
CVSS 4.0
Share

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

7
Analysis Updated
Apr 16, 2026 - 06:18 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
8.1.0
PoC Detected
Mar 25, 2026 - 21:07 vuln.today
Public exploit code
EUVD ID Assigned
Mar 23, 2026 - 21:30 euvd
EUVD-2025-208950
Analysis Generated
Mar 23, 2026 - 21:30 vuln.today
CVE Published
Mar 23, 2026 - 21:00 nvd
HIGH 8.7

DescriptionNVD

Census CSWeb 8.0.1 allows arbitrary file upload. A remote, authenticated attacker could upload a malicious file, possibly leading to remote code execution. Fixed in 8.1.0 alpha.

AnalysisAI

Census CSWeb 8.0.1 contains an arbitrary file upload vulnerability allowing authenticated remote attackers to upload malicious files and achieve remote code execution. A public proof-of-concept exploit is available on GitHub (hx381/cspro-exploits), significantly increasing the risk of exploitation. The vulnerability affects the Census CSWeb data dissemination platform used for hosting census and survey data online.

Technical ContextAI

Census CSWeb is a web-based data dissemination platform for census and survey microdata. The vulnerability is classified as CWE-434 (Unrestricted Upload of File with Dangerous Type), meaning the application fails to properly validate uploaded file types, extensions, or content before storing them in an accessible location. The affected product is identified via CPE as cpe:2.3:a:census:csweb:*:*:*:*:*:*:*:* with versions up to and including 8.0.1. This class of vulnerability typically arises from insufficient server-side validation of file uploads, allowing attackers to bypass client-side restrictions and upload executable files (such as web shells, scripts, or binaries) that can be triggered to execute arbitrary code on the server.

RemediationAI

Upgrade Census CSWeb to version 8.1.0 alpha or later immediately, as documented in the patch commit at https://github.com/csprousers/csweb/commit/eba0b59a243390a1a4f9524cce6dbc0314bf0d91. Organizations should review the CISA advisory at https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2026/va-26-082-01.json for additional guidance. Until patching is complete, implement compensating controls including restricting file upload functionality to only highly trusted administrator accounts, deploying web application firewall rules to block suspicious file extensions and MIME types, implementing strict file type validation and content inspection, and monitoring upload directories for unexpected files or web shells. Network segmentation should isolate CSWeb instances from critical infrastructure, and authentication should be reviewed to ensure no default or weak credentials exist that could satisfy the low privilege requirement for exploitation.

Share

EUVD-2025-208950 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy