Platform
php
Component
powercms
Fixed in
6.7.1
5.3.1
4.6.1
CVE-2025-46359 describes a path traversal vulnerability in the backup and restore feature of PowerCMS. A malicious product administrator can execute arbitrary code by crafting a backup file and restoring it through this feature. The 6 series is affected up to and including 6.7 and is fixed in 6.7.1; the corresponding fixes for the older supported branches are 5.3.1 and 4.6.1.
The restore step writes the contents of an uploaded backup back onto the server's file system. Because the file names inside the backup are not confined to the restore directory, an attacker who holds a product administrator account can craft a backup whose entries carry path traversal sequences (the classic ../../../../ pattern) and have the restore write those entries to locations of the attacker's choosing. A file dropped where the web server will execute it turns this into arbitrary code execution, and from there into full compromise of the host: data theft, persistence and further malicious activity. The prerequisite is an authenticated administrator, so the flaw is an escalation from CMS administrator to the operating-system account that runs PowerCMS rather than an unauthenticated remote vulnerability.
CVE-2025-46359 was publicly disclosed on 2025-07-31. No public proof-of-concept exploit is known at the time of writing. The EPSS score listed below (0.25%, 48th percentile) indicates a low predicted likelihood of exploitation in the wild, but EPSS is re-scored daily; monitor vendor advisories and threat intelligence feeds for any indication of active exploitation.
Organizations utilizing PowerCMS for content management, particularly those with product administrator accounts that have unrestricted access to the backup and restore functionality, are at risk. Shared hosting environments where multiple users share the same PowerCMS installation are also particularly vulnerable, as a compromised administrator account could impact all hosted sites.
• php / server: list staged backup files and flag any that contain a traversal sequence (grep -a treats archives as text, -F matches the literal string, -l prints only the names of matching files):
find /var/www/html/powercms/backups -name '*backup*' -print0 | xargs -0 grep -l -a -F '../'
• generic web: a request-based probe such as the one below only exercises a read-style traversal through a URL parameter; the endpoint and parameter names are placeholders, not a documented PowerCMS interface, and this CVE is triggered through an uploaded backup, not a URL. Quote the URL so the shell does not treat ? as a glob character:
curl -I 'http://your-powercms-site.com/backup.php?file=../../../../etc/passwd'
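To make the restore mechanism described above and the local check concrete, here is an added example; it is not PowerCMS code and does not come from the vendor's advisory. It builds two constructed sample backups in memory, shows where a naive restore would write the traversal entry, flags unsafe members before anything touches disk, and restores only archives whose every member resolves under the restore root. The RESTORE_ROOT path, the tar format and the member names are assumptions for illustration; the page does not give the real format of a PowerCMS backup.

```python
import io
import os
import tarfile
import tempfile

# Assumed restore directory; the real PowerCMS path is not given on this page.
RESTORE_ROOT = "/var/www/powercms"


def build_backup(entries: list[tuple[str, bytes]]) -> bytes:
    """Build an in-memory tar archive from (member name, content) pairs."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in entries:
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def build_clean_backup() -> bytes:
    """Constructed sample of a legitimate backup: every entry stays under the root."""
    return build_backup([
        ("site/config.txt", b"site_name = demo\n"),
        ("site/templates/index.tmpl", b"<html>demo</html>\n"),
    ])


def build_crafted_backup() -> bytes:
    """Constructed sample of an attacker's backup: one entry carries a
    traversal sequence so a naive restore would write it outside the root."""
    return build_backup([
        ("site/config.txt", b"site_name = demo\n"),
        ("../../../../tmp/evil.txt", b"attacker-controlled content\n"),
    ])


def member_target(restore_root: str, member_name: str) -> str:
    """Where a naive restore (join the name onto the root, then write) lands."""
    return os.path.normpath(os.path.join(restore_root, member_name))


def find_traversal_entries(backup: bytes, restore_root: str = RESTORE_ROOT) -> list[str]:
    """Check a backup before restoring it: return every member whose target
    path escapes the restore root, plus any symlink or hardlink member
    (those can redirect later writes even when their own name looks safe)."""
    root = os.path.abspath(restore_root)
    flagged = []
    with tarfile.open(fileobj=io.BytesIO(backup), mode="r") as tar:
        for member in tar.getmembers():
            target = member_target(root, member.name)
            escapes = os.path.commonpath([root, target]) != root
            if escapes or member.issym() or member.islnk():
                flagged.append(member.name)
    return flagged


def safe_restore(backup: bytes, restore_root: str) -> list[str]:
    """Hardened restore: reject the whole backup if any member is unsafe,
    otherwise write regular files only, each under the restore root."""
    root = os.path.abspath(restore_root)
    bad = find_traversal_entries(backup, root)
    if bad:
        raise ValueError(f"backup rejected, unsafe entries: {bad}")
    written = []
    with tarfile.open(fileobj=io.BytesIO(backup), mode="r") as tar:
        for member in tar.getmembers():
            target = member_target(root, member.name)
            if member.isdir():
                os.makedirs(target, exist_ok=True)
                continue
            if not member.isfile():
                continue  # devices, fifos and the like have no place in a CMS backup
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with tar.extractfile(member) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(target)
    return written


def restore_demo() -> dict:
    """Run both constructed samples through safe_restore in a scratch directory."""
    result = {}
    with tempfile.TemporaryDirectory() as scratch:
        try:
            safe_restore(build_crafted_backup(), scratch)
            result["crafted_rejected"] = False
        except ValueError:
            result["crafted_rejected"] = True
        written = safe_restore(build_clean_backup(), scratch)
        result["clean_written"] = [os.path.relpath(p, scratch) for p in written]
    return result


if __name__ == "__main__":
    print("naive target:", member_target(RESTORE_ROOT, "../../../../tmp/evil.txt"))
    print("flagged:", find_traversal_entries(build_crafted_backup()))
    print(restore_demo())
```

The check is deliberately lexical (normpath plus commonpath) so it can run against a staged archive without touching the real restore directory; rejecting the entire backup on the first bad member, rather than skipping that member, is the safer choice because a partially restored site is itself an incident.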
Exploit status
EPSS
0.25% (48th percentile)
CISA SSVC
CVSS vector
The primary mitigation for CVE-2025-46359 is to upgrade PowerCMS to a fixed release: 6.7.1, 5.3.1 or 4.6.1 depending on the branch in use. If upgrading is not immediately feasible, restrict the backup and restore functionality to a minimal set of trusted administrators and only restore backups that were produced by your own installation and have remained under your control. A web application firewall rule that blocks ../ sequences in uploaded content adds a layer of defence but is not a fix, because the traversal sequences live inside the uploaded backup rather than in a URL parameter. After upgrading, confirm the fix on a staging copy, never on production: restore a test backup that contains an entry with a path traversal sequence and verify that the backup is rejected or that the entry is written only inside the intended restore directory.
Update PowerCMS to the latest version provided by the vendor, Alfasado Inc. Consult the release notes for 6.7.1, 5.3.1 or 4.6.1 for specific details on the fix for this path traversal issue. Back up your system before applying the update.
CVE-2025-46359 is a path traversal vulnerability in the backup and restore feature of PowerCMS (6 series up to 6.7, with corresponding fixes for the 5 and 4 series) that lets a product administrator execute arbitrary code by restoring a crafted backup file.
You are affected if you run PowerCMS 6.7 or earlier, or a 5 or 4 series release older than 5.3.1 or 4.6.1. Upgrade to 6.7.1, 5.3.1 or 4.6.1 respectively to mitigate the risk.
Upgrade PowerCMS to version 6.7.1 or later. As a temporary workaround, restrict access to the backup and restore feature to trusted administrators.
As of 2025-07-31, there are no publicly known active exploitation campaigns targeting CVE-2025-46359.
Refer to the official PowerCMS security advisory for detailed information and updates regarding CVE-2025-46359.