
"[In] ShowDoc version before 2.8.7, an unrestricted and unauthenticated file upload issue is found and [an] attacker is able to upload a web shell and execute arbitrary code on server."
"CVE-2025-0520 has come under active exploitation for the first time, involving leveraging the flaw to drop a web shell on a U.S.-based honeypot running a vulnerable version of ShowDoc."
"Data shared by the company shows that there are more than 2,000 instances of ShowDoc online, most of which are located in China."
CVE-2025-0520 is a critical vulnerability in ShowDoc with a CVSS score of 9.4 that allows attackers to upload arbitrary PHP files. This unrestricted file upload issue arises from improper validation of file extensions and enables remote code execution. The vulnerability affects versions prior to 2.8.7, which was released in October 2020. Active exploitation has been observed, with attackers dropping web shells on vulnerable systems. Users are urged to update to the latest version, 3.8.1.
Read at The Hacker News
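The summary attributes the flaw to improper validation of file extensions. The following added example (not ShowDoc's code and not taken from the article) contrasts a denylist check with an allowlist check that also renames the stored file; the allowed types, function names and sample filenames are assumptions constructed for illustration.

```python
import os
import secrets

# Assumption: the application only needs to accept these upload types.
ALLOWED_EXTENSIONS = {"png", "jpg", "jpeg", "gif", "pdf"}

def weak_is_allowed(filename):
    """Denylist check: blocks one exact suffix and accepts everything else."""
    return not filename.endswith(".php")

def safe_extension(filename):
    """Return the normalised extension if it is on the allowlist, else None."""
    # Discard any client-supplied directory part (both separator styles).
    name = os.path.basename(filename.replace("\\", "/"))
    # Reject empty names and control characters, including NUL.
    if not name or any(ord(c) < 32 for c in name):
        return None
    # Some filesystems ignore trailing dots and spaces, so compare without them.
    name = name.rstrip(". ")
    stem, dot, ext = name.rpartition(".")
    if not dot or not stem:
        return None
    ext = ext.lower()
    return ext if ext in ALLOWED_EXTENSIONS else None

def stored_name(filename):
    """Server-generated name: no client-controlled text reaches the disk."""
    ext = safe_extension(filename)
    return None if ext is None else f"{secrets.token_hex(16)}.{ext}"

# Constructed sample filenames, not taken from any real incident.
CONSTRUCTED_UPLOADS = [
    "diagram.png", "report.PDF", "page.php", "page.PHP",
    "page.phtml", "page.php.", "../page.php", "noextension",
]

def audit(names):
    """Return (name, accepted by denylist, accepted by allowlist) per file."""
    return [(n, weak_is_allowed(n), safe_extension(n) is not None) for n in names]

if __name__ == "__main__":
    for name, weak, strict in audit(CONSTRUCTED_UPLOADS):
        print(f"{name!r:16} denylist={'accept' if weak else 'reject'} "
              f"allowlist={'accept' if strict else 'reject'}")
```

Validation at upload time is one layer; configuring the web server so the upload directory is never handed to the PHP interpreter covers the case where validation fails.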