Skip to main content

NasaTheme Flozen EUVDEUVD-2025-28281

| CVE-2025-49071 CRITICAL
Unrestricted Upload of File with Dangerous Type (CWE-434)
2025-06-17 audit@patchstack.com
10.0
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
10.0 CRITICAL
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
High
Integrity
High
Availability
High

Lifecycle Timeline

7
Re-analysis Queued
Apr 23, 2026 - 15:42 vuln.today
cvss_changed
Analysis Updated
Apr 16, 2026 - 05:54 EUVD-patch-fix
executive_summary
Re-analysis Queued
Apr 16, 2026 - 05:29 backfill_euvd_patch
patch_released
Patch available
Apr 16, 2026 - 05:29 EUVD
1.5.1
EUVD ID Assigned
Mar 14, 2026 - 22:15 euvd
EUVD-2025-28281
Analysis Generated
Mar 14, 2026 - 22:15 vuln.today
CVE Published
Jun 17, 2025 - 15:15 nvd
CRITICAL 10.0

DescriptionCVE.org

Unrestricted Upload of File with Dangerous Type vulnerability in NasaTheme Flozen allows Upload a Web Shell to a Web Server. This issue affects Flozen: from n/a through n/a.

AnalysisAI

Critical unrestricted file upload vulnerability in NasaTheme Flozen that allows unauthenticated remote attackers to upload and execute web shells on affected servers. This vulnerability affects all versions of Flozen and carries a CVSS score of 10.0 with no authentication or user interaction required. If actively exploited (KEV status pending verification), attackers can achieve complete system compromise including confidentiality breach, integrity violation, and availability disruption.

Technical ContextAI

This vulnerability exploits CWE-434 (Unrestricted Upload of File with Dangerous Type), a fundamental file upload validation flaw in the NasaTheme Flozen platform. The vulnerable component likely resides in the file upload handler that fails to properly validate file types, extensions, MIME types, or content before storing uploaded files in a web-accessible directory. The Flozen theme (likely a WordPress or similar CMS theme) lacks server-side validation to restrict dangerous file types (e.g., .php, .phtml, .jsp, .asp). An attacker can bypass client-side restrictions and upload executable code (web shell) to a location where the web server will interpret and execute it as code rather than serve it as static content. This is compounded by the global CVSS vector (S:C) indicating the impact extends beyond the vulnerable component to the entire system.

RemediationAI

Immediate Actions: (1) Contact NasaTheme for available security patches immediately; vendor advisory/patch URL pending from official sources. (2) If patches unavailable, implement emergency server-side mitigation: disable file upload functionality or restrict uploads to non-executable directories with explicit no-execute (.htaccess or nginx rules). (3) Implement strict file type validation on server-side: whitelist allowed extensions (.jpg, .png, .pdf only), validate MIME types, and scan uploaded content with antivirus/YARA rules. (4) Move upload directory outside web root or disable script execution in upload directory via .htaccess (AddType text/plain .php .phtml .jsp .asp) or nginx configuration (disable php-fpm for uploads directory). (5) Audit server logs and uploaded files for evidence of exploitation; remove any suspicious .php or executable files. (6) Implement Web Application Firewall (WAF) rules to block POST requests with suspicious payloads to upload endpoints. (7) Monitor Flozen GitHub repository and NasaTheme advisory channels for patch release; apply immediately upon availability.

Share

EUVD-2025-28281 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy