CVE-2025-67847

🗓️ 23 Jan 2026 04:35:12Reported by fedoraType

CVE-2025-67847: Moodle remote code execution via insufficient restore input validation on the restore interface.

Reporter	Title	Published	Views	Family All 19
ATTACKERKB	CVE-2025-67847	23 Jan 202604:35	–	attackerkb
Circl	CVE-2025-67847	23 Jan 202605:25	–	circl
CNNVD	Moodle security vulnerabilities	23 Jan 202600:00	–	cnnvd
Cvelist	CVE-2025-67847 Moodle: moodle: remote code execution via insufficient restore input validation	23 Jan 202604:35	–	cvelist
EUVD	EUVD-2026-4324	23 Jan 202604:35	–	euvd
Github Security Blog	Moodle affected by a code injection vulnerability	23 Jan 202606:31	–	github
NVD	CVE-2025-67847	23 Jan 202605:16	–	nvd
OpenVAS	Moodle Multiple Vulnerabilities (Dec 2025)	22 Dec 202500:00	–	openvas
OSV	BIT-MOODLE-2025-67847 Moodle: moodle: remote code execution via insufficient restore input validation	6 Mar 202608:50	–	osv
OSV	CVE-2025-67847	23 Jan 202605:16	–	osv

NVD

Node

moodle moodleRange<4.1.22

moodle moodleRange4.4.0–4.4.12

moodle moodleRange4.5.0–4.5.8

moodle moodleRange5.0.0–5.0.4

moodle moodleMatch5.1.0-

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "5.1.0",
        "lessThan": "5.1.1",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "5.0.0",
        "lessThan": "5.0.4",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.5.0",
        "lessThan": "4.5.8",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.4.0",
        "lessThan": "4.4.12",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "4.1.0",
        "lessThan": "4.1.22",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "0",
        "lessThan": "4.1.0",
        "versionType": "semver"
      }
    ],
    "packageName": "moodle",
    "collectionURL": "https://git.moodle.org",
    "defaultStatus": "unaffected"
  }
]

Source	Link
access	www.access.redhat.com/security/cve/CVE-2025-67847

05 Mar 2026 21:00Current

5.8Medium risk

Vulners AI Score5.8

CVSS 3.18.8

EPSS0.0003

SSVC

CWE-94