Liferay Portal Pfadübergangsschwachstelle bei der Herunterladung und Installation von Xuggler

The core impact of CVE-2025-3594 lies in its ability to bypass access controls and manipulate the server's file system. An attacker could leverage this vulnerability to upload malicious JAR files containing arbitrary code, which would then be executed by the Liferay Portal server. This could lead to remote code execution (RCE), allowing the attacker to gain control of the server and potentially access sensitive data, modify configurations, or install persistent backdoors. The ability to download and execute arbitrary files significantly expands the attack surface, enabling attackers to escalate privileges and move laterally within the network if the server has access to other resources. This vulnerability shares similarities with other file upload vulnerabilities where insufficient validation allows for arbitrary file manipulation.

Organizations running Liferay Portal or DXP in production environments, particularly those with older, unsupported versions, are at significant risk. Shared hosting environments where multiple users share the same server are also vulnerable, as a compromised user account could be used to exploit this vulnerability and impact other users on the same server. Legacy configurations with default settings or weak access controls are also more susceptible.

• java / server: Monitor Liferay Portal logs for suspicious file upload attempts or errors related to path traversal. Look for unusual file names or paths in the logs.

 grep -i "path traversal" /path/to/liferay/logs/liferay.log

• java / supply-chain: Examine JAR files deployed to the Liferay Portal server for signs of malicious code or unexpected dependencies. Use static analysis tools to scan for vulnerabilities. • generic web: Monitor web server access logs for requests targeting the comliferayserveradminwebportletServerAdminPortletjarName parameter with unusual or potentially malicious file names.

 grep "_com_liferay_server_admin_web_portlet_ServerAdminPortlet_jarName" /path/to/access.log

1. 2025-06-16Disclosure

   disclosure

2. 2025-06-16Patch

   patch

1. Reserviert2025-04-14
2. Veröffentlicht2025-06-16
3. EPSS aktualisiert2026-03-23

The primary mitigation for CVE-2025-3594 is to upgrade Liferay Portal to version 5.0.24 or later. If an immediate upgrade is not feasible, consider implementing temporary workarounds. These may include restricting access to the comliferayserveradminwebportletServerAdminPortletjarName parameter through a Web Application Firewall (WAF) or proxy server. Carefully review and restrict file upload permissions within the Liferay Portal configuration. Implement strict input validation on all user-supplied data to prevent path traversal attempts. After upgrading, confirm the vulnerability is resolved by attempting to upload a test file with a deliberately invalid path to ensure access controls are enforced.