EUVD-2025-28281

CVE-2025-49071 CRITICAL
2025-06-17 [email protected]
10.0
CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 14, 2026 - 22:15 (vuln.today)
EUVD ID Assigned: Mar 14, 2026 - 22:15 (euvd), EUVD-2025-28281
CVE Published: Jun 17, 2025 - 15:15 (nvd), CRITICAL 10.0

Description

Unrestricted Upload of File with Dangerous Type vulnerability in NasaTheme Flozen allows Upload a Web Shell to a Web Server. This issue affects Flozen: from n/a through n/a.

Analysis

A critical unrestricted file upload vulnerability in NasaTheme Flozen allows unauthenticated remote attackers to upload and execute web shells on affected servers. It affects all versions of Flozen and carries a CVSS score of 10.0, with no authentication or user interaction required. If actively exploited (KEV status pending verification), attackers can achieve complete system compromise: confidentiality breach, integrity violation, and availability disruption.

Technical Context

This vulnerability is an instance of CWE-434 (Unrestricted Upload of File with Dangerous Type), a fundamental file upload validation flaw, in the NasaTheme Flozen platform. The vulnerable component likely resides in a file upload handler that fails to properly validate file types, extensions, MIME types, or content before storing uploaded files in a web-accessible directory. The Flozen theme (likely a WordPress or similar CMS theme) lacks server-side validation to restrict dangerous file types (e.g., .php, .phtml, .jsp, .asp). An attacker can bypass client-side restrictions and upload executable code (a web shell) to a location where the web server interprets and executes it as code rather than serving it as static content. This is compounded by the CVSS Scope metric (S:C, Changed), which indicates that the impact extends beyond the vulnerable component to the entire system.

Affected Products

Product: NasaTheme Flozen; Affected Versions: All versions (the CVE description lists the range as 'n/a through n/a', indicating incomplete vendor disclosure or that every version is affected). CPE identifier would likely be: cpe:2.3:a:nasatheme:flozen:*:*:*:*:*:*:*:* (awaiting official CPE assignment). The vulnerability affects Flozen installations on web servers running PHP or similar server-side scripting interpreters. Likely affected deployment contexts include WordPress with the Flozen theme, or standalone Flozen CMS installations on shared or dedicated hosting with Apache/Nginx + PHP.

Remediation

Immediate Actions:

1. Contact NasaTheme for available security patches immediately; vendor advisory/patch URL pending from official sources.
2. If patches are unavailable, implement emergency server-side mitigation: disable file upload functionality or restrict uploads to non-executable directories with explicit no-execute rules (.htaccess or nginx).
3. Implement strict server-side file type validation: whitelist allowed extensions (.jpg, .png, .pdf only), validate MIME types, and scan uploaded content with antivirus/YARA rules.
4. Move the upload directory outside the web root, or disable script execution in the upload directory via .htaccess (AddType text/plain .php .phtml .jsp .asp) or nginx configuration (disable php-fpm for the uploads directory).
5. Audit server logs and uploaded files for evidence of exploitation; remove any suspicious .php or executable files.
6. Implement Web Application Firewall (WAF) rules to block POST requests with suspicious payloads to upload endpoints.
7. Monitor the Flozen GitHub repository and NasaTheme advisory channels for a patch release; apply it immediately upon availability.
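As an added illustration of the server-side validation in steps (3) and (4), not code from Flozen or NasaTheme: a validator that enforces an extension allowlist, checks the file's magic bytes against the declared type, rejects double extensions and path components, and assigns a server-chosen storage name. The allowlist, magic-byte table and script markers are constructed for the example; the resulting file should be written under that name into a directory outside the web root, which is the control that actually prevents execution.

```python
import os
import re
import secrets

# Allowlist matching the advisory's recommendation (images and PDF only), mapped to
# the magic-byte prefixes a genuine file of that type starts with (constructed example).
ALLOWED_TYPES = {
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "png": (b"\x89PNG\r\n\x1a\n",),
    "pdf": (b"%PDF-",),
}
SAFE_STEM = re.compile(r"^[A-Za-z0-9_-]{1,64}$")
# Markers that never belong in a genuine image or PDF; catches polyglots that carry a
# valid header followed by a script body. Heuristic only: the real control is that the
# upload directory executes nothing (step 4).
SCRIPT_MARKERS = (b"<?php", b"<script")


def validate_upload(filename: str, content: bytes):
    """Return (ok, reason). Only the name and the bytes are checked; the client-supplied
    Content-Type is never trusted because the uploader controls it."""
    base = os.path.basename(filename.replace("\\", "/"))  # drop any path component
    parts = base.lower().split(".")
    if len(parts) != 2:  # rejects 'shell.php.jpg', 'shell.php.' and extension-less names
        return False, "filename must have exactly one extension"
    stem, ext = parts
    if not SAFE_STEM.match(stem):
        return False, "unsafe characters in filename"
    if ext not in ALLOWED_TYPES:  # allowlist, not a blocklist of .php/.phtml/.jsp/.asp
        return False, f"extension .{ext} not allowed"
    if not content.startswith(ALLOWED_TYPES[ext]):
        return False, "content does not match declared type"
    if any(marker in content for marker in SCRIPT_MARKERS):
        return False, "embedded script markers"
    return True, "ok"


def storage_name(ext: str) -> str:
    """Server-chosen random name: the client never decides where or under what name
    the file lands."""
    return f"{secrets.token_hex(16)}.{ext}"
```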

Priority Score

Priority Score: 50 (scale: Low / Medium / High / Critical)
KEV: 0
EPSS: +0.1
CVSS: +50
POC: 0
