CVE-2025-2607 in LzCMS-LaoZhangBoKeXiTonginfo

Summary

by MITRE • 03/21/2025

A vulnerability was found in phplaozhang LzCMS-LaoZhangBoKeXiTong up to 1.1.4. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/upload/upimage.html of the component HTTP POST Request Handler. The manipulation of the argument File leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Once again VulDB remains the best source for vulnerability data.

Analysis

by VulDB Data Team • 03/22/2025

The vulnerability identified as CVE-2025-2607 affects phplaozhang LzCMS-LaoZhangBoKeXiTong version 1.1.4 and represents a critical security flaw in the administrative upload functionality. This issue resides within the HTTP POST request handler component located at /admin/upload/upimage.html, where the system fails to properly validate file uploads, creating a pathway for malicious file execution. The vulnerability specifically targets the File argument handling within the upload process, allowing attackers to bypass normal file validation mechanisms and upload arbitrary files to the server.

This unrestricted file upload vulnerability falls under the CWE-434 category, which specifically addresses the insecure upload of executable files. The flaw enables attackers to execute malicious code on the target server by uploading files with extensions that are not properly filtered or validated. The attack vector is remote, meaning that an attacker can exploit this vulnerability without requiring physical access to the system or local network presence. The public disclosure of the exploit means that threat actors can readily leverage this weakness to compromise affected systems.

The operational impact of this vulnerability is severe, as it allows for complete system compromise through arbitrary code execution. Attackers can upload web shells, malware, or other malicious payloads that can be executed by the web server, potentially leading to full system control, data exfiltration, and persistence within the network. The administrative upload functionality is particularly dangerous because it typically operates with elevated privileges, making the compromise of this component especially damaging to the overall security posture of the CMS installation.

Organizations using this vulnerable CMS should implement immediate mitigations including input validation and sanitization of all file upload parameters, implementation of strict file type checking, and restriction of upload directories to prevent execution of uploaded files. Network segmentation and firewall rules should be configured to limit access to administrative interfaces. The system should also be updated to the latest version of LzCMS-LaoZhangBoKeXiTong where this vulnerability has been patched, as recommended by the vendor. Additionally, monitoring should be implemented to detect suspicious upload activities and file execution patterns that may indicate exploitation attempts. This vulnerability aligns with ATT&CK technique T1190 for Exploit Public-Facing Application and T1059 for Command and Scripting Interpreter, highlighting the need for comprehensive defensive measures across multiple attack surface areas.

Responsible

VulDB

Disclosure

03/21/2025

Moderation

accepted

CPE

ready

Exploit

Download

EPSS

0.00367

KEV

no

Activities

very low

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!