CVE-2025-14894 in Livewire Filemanager정보

요약

\~에 의해 MITRE • 2026. 01. 16.

Livewire Filemanager, commonly used in Laravel applications, contains LivewireFilemanagerComponent.php, which does not perform file type and MIME validation, allowing for RCE through upload of a malicious php file that can then be executed via the /storage/ URL if a commonly performed setup process within Laravel applications has been completed.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

책임이 있는

Certcc

예약하다

2025. 12. 18.

공개

2026. 01. 16.

모더레이션

수락

항목

VDB-341564

CPE

준비됨

CWE

CWE-434 (확인됨)

CVSS

9.8 (NVD)

EPSS

0.00018

KEV

아니요

활동

매우 낮음

출처

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-14894
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-14894
CVE Details	https://www.cvedetails.com/cve/CVE-2025-14894/

◂ 이전 개요 다음 ▸

Might our Artificial Intelligence support you?

Check our Alexa App!