CVE-2025-0582

4.7 MEDIUM

📋 TL;DR

This critical vulnerability in the itsourcecode Farm Management System allows remote attackers to upload arbitrary files through the pigphoto parameter of the /add-pig.php endpoint. It affects all deployments of Farm Management System version 1.0 and earlier. Attackers can exploit this to upload malicious files and potentially execute code on the server.

💻 Affected Systems

Products:
  • itsourcecode Farm Management System
Versions: Up to and including version 1.0
Operating Systems: Any OS running a PHP web server
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations with the vulnerable /add-pig.php file accessible.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, and lateral movement within the network.

🟠 Likely Case

Webshell deployment allowing persistent access, data exfiltration, and further exploitation of the server.

🟢 If Mitigated

With file uploads blocked or properly validated, the impact is limited to a possible denial of service if repeated upload attempts exhaust server resources.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Simple HTTP POST request with malicious file upload to /add-pig.php endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://itsourcecode.com/

Restart Required: No

Instructions:

No official patch available. Remove or restrict access to /add-pig.php file immediately.

🔧 Temporary Workarounds

Block /add-pig.php Access


Restrict access to the vulnerable endpoint using web server configuration.

# Apache (server or virtual-host config; drop the leading slash from the pattern in .htaccess):
RewriteEngine On
RewriteRule ^/add-pig\.php$ - [F,L]

# Nginx:
location ~ /add-pig\.php$ { deny all; }

Implement File Upload Validation


Add server-side validation for file uploads in PHP code.

<?php
// Server-side validation for the pigphoto upload.
// $_FILES['pigphoto']['type'] is supplied by the client and must not be trusted;
// the real type is sniffed from the uploaded bytes with finfo instead.
$allowed_types = ['image/jpeg', 'image/png'];
$max_size = 1024000;
$file = $_FILES['pigphoto'] ?? null;
if ($file === null || $file['error'] !== UPLOAD_ERR_OK || $file['size'] > $max_size) {
    die('Invalid file');
}
$detected_type = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
if (!in_array($detected_type, $allowed_types, true)) {
    die('Invalid file');
}
?>

🧯 If You Can't Patch

  • Implement WAF rules to block file uploads to /add-pig.php
  • Monitor file system for new PHP files in upload directories

🔍 How to Verify

Check if Vulnerable:

Attempt to upload a non-image file to the /add-pig.php endpoint. If the upload is accepted, the system is vulnerable.

Check Version:

Check source code or documentation for version information, typically in README or config files.

Verify Fix Applied:

Test a file upload with an invalid file type; it should be rejected. Check that /add-pig.php returns 403 or is otherwise inaccessible.

📡 Detection & Monitoring

Log Indicators:

  • HTTP POST requests to /add-pig.php with file uploads
  • New PHP files appearing in upload directories
  • Large file uploads to /add-pig.php endpoint

Network Indicators:

  • POST requests to /add-pig.php with Content-Type: multipart/form-data
  • Unusual outbound connections from web server after file upload

SIEM Query:

source="web_server" AND (url="/add-pig.php" AND method="POST")
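The two indicators above (POST requests to /add-pig.php and new PHP files in upload directories) can be checked offline from an access log and the upload directory. The script below is an added example, not part of the original advisory or the Farm Management System code; it assumes a combined-format access log, an upload directory path of your choosing, and a list of PHP-executable extensions, and the log lines it runs on are constructed.

```python
"""
Added example (not part of the original advisory): two detection checks for the
indicators listed above, run over constructed sample data.

1. Parse combined-format access log lines and record every POST to /add-pig.php
   (the upload endpoint), keeping client IP, timestamp, status and response size.
2. Walk an upload directory and list any file with a PHP-executable extension,
   which should never appear among pig photos.

The log format, upload path and extension list are assumptions for the example.
"""
import os
import re
import tempfile
from typing import Dict, Iterable, List

# Combined log format: ip ident user [time] "METHOD path HTTP/x" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)

UPLOAD_ENDPOINT = "/add-pig.php"  # vulnerable endpoint named in the advisory
# Extensions PHP handlers commonly execute; the list is an assumption for the example
PHP_EXTENSIONS = (".php", ".php3", ".php4", ".php5", ".phtml", ".phar")


def find_upload_posts(lines: Iterable[str]) -> List[Dict[str, str]]:
    """Return one record per POST to the upload endpoint found in access-log lines."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed or unrelated line: skip it rather than crash
        path = m.group("path").split("?", 1)[0]  # ignore any query string
        if m.group("method") == "POST" and path == UPLOAD_ENDPOINT:
            hits.append({k: m.group(k) for k in ("ip", "time", "status", "size")})
    return hits


def find_php_in_uploads(upload_dir: str) -> List[str]:
    """Return relative paths (sorted) of files under upload_dir with a PHP-executable extension."""
    found = []
    for root, _dirs, files in os.walk(upload_dir):
        for name in files:
            # Compare case-insensitively: some handler configurations match extensions that way
            if name.lower().endswith(PHP_EXTENSIONS):
                found.append(os.path.relpath(os.path.join(root, name), upload_dir))
    return sorted(found)


def make_demo_upload_dir() -> str:
    """Create a temporary directory with constructed sample files (one legitimate image name,
    two PHP-looking names) and return its path."""
    d = tempfile.mkdtemp(prefix="pig-uploads-")
    os.makedirs(os.path.join(d, "sub"))
    for rel in ("pig1.jpg", os.path.join("sub", "Shell.PHP"), "x.phtml"):
        open(os.path.join(d, rel), "w").close()
    return d


# Constructed sample log lines (not real traffic)
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Jan/2025:12:00:01 +0000] "GET /add-pig.php HTTP/1.1" 200 4321 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Jan/2025:12:00:09 +0000] "POST /add-pig.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Jan/2025:12:01:15 +0000] "POST /add-pig.php?x=1 HTTP/1.1" 302 0 "-" "curl/8.0"',
    '198.51.100.4 - - [10/Jan/2025:12:01:20 +0000] "GET /uploads/shell.php HTTP/1.1" 200 77 "-" "curl/8.0"',
    "garbage line that does not parse",
]

if __name__ == "__main__":
    for hit in find_upload_posts(SAMPLE_LOG):
        print("upload POST:", hit)
    demo_dir = make_demo_upload_dir()
    print("php files in uploads:", find_php_in_uploads(demo_dir))
```

On a real host, point find_upload_posts at the web server's access log and find_php_in_uploads at the directory /add-pig.php writes to; a non-empty result from the second check is a strong sign that an upload was accepted without validation.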

🔗 References
