CVE-2025-14199

6.3 MEDIUM

📋 TL;DR

This vulnerability allows remote attackers to upload arbitrary files through the Verysync 微力同步 web administration interface without proper restrictions. An attacker who can reach the interface can place files of their choosing on the host, which can lead to code execution depending on where the written file lands and how it is later handled. All users running Verysync up to and including version 2.21.3 with web administration enabled are affected.

💻 Affected Systems

Products:
  • Verysync 微力同步
Versions: Up to 2.21.3
Operating Systems: All platforms running Verysync
Default Config Vulnerable: ⚠️ Yes
Notes: Requires web administration module to be enabled and accessible.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, or ransomware deployment.

🟠

Likely Case

Unauthorized file upload allowing attackers to deploy web shells, deface websites, or establish persistence.

🟢

If Mitigated

Limited impact if proper network segmentation and file upload validation are implemented.

🌐 Internet-Facing: HIGH - The attack can be performed remotely and a public exploit exists.
🏢 Internal Only: MEDIUM - Internal attackers can exploit this if the web interface is reachable on the internal network.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploit details are publicly available on GitHub and vuldb.com, so exploitation requires little skill or preparation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available and the vendor did not respond to disclosure. If a release later than 2.21.3 exists, upgrading to it is reasonable, but without a vendor advisory there is no confirmation that it fixes the issue, so re-test the upload endpoint after upgrading and keep the workarounds below in place until the test fails.

🔧 Temporary Workarounds

Disable Web Administration Interface

Platform: all

Disable the web administration module if it is not required for operations.

Edit the Verysync configuration to disable the web interface, or block access to the port it listens on.

Network Access Control

Platform: linux

Restrict access to the Verysync web interface with firewall rules so that only trusted addresses reach it. Replace [verysync_port] with the port the web interface listens on and [trusted_ips] with a comma-separated list of administrator addresses. The rules below are appended to the INPUT chain, so they only take effect if no earlier rule already accepts the traffic (use -I to insert them at the top if one does), and they do not survive a reboot unless saved with your distribution's persistence mechanism (for example iptables-save).

# allow the web interface only from trusted administrator addresses
iptables -A INPUT -p tcp --dport [verysync_port] -s [trusted_ips] -j ACCEPT
# drop everything else destined for the web interface port
iptables -A INPUT -p tcp --dport [verysync_port] -j DROP

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Verysync instances from critical systems
  • Deploy web application firewall (WAF) with file upload filtering rules

🔍 How to Verify

Check if Vulnerable:

Check the Verysync version. If it is 2.21.3 or earlier and the web administration interface is enabled, treat the system as vulnerable. To confirm, and only on a system you are authorized to test, attempt to upload a harmless text file without credentials to the /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false endpoint; if the server stores the file, the instance is exploitable. The identifier in that path is the one used by the public PoC, so confirm it corresponds to a share on your installation before reading a 404 as evidence of a fix.

Check Version:

Check Verysync configuration file or web interface for version information

Verify Fix Applied:

Confirm that the web administration interface is disabled or unreachable from untrusted networks (the same upload attempt should now be refused or time out), or that the upload endpoint rejects writes without valid credentials.
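The upload test and the post-mitigation check above, as an added example that is not code from the advisory or from Verysync. It assumes the upload path named in the advisory, that the server accepts the write on HTTP POST (the method the advisory names), and that a 2xx status means the file was stored; the status-to-verdict mapping is an assumption, not vendor documentation. The mock server is a constructed stand-in so the script can be exercised offline. Run it only against systems you are authorized to test.

```python
"""Probe for CVE-2025-14199: does a Verysync web interface accept an unauthenticated file write?

Added example, not code from the advisory or from Verysync. Assumptions: the upload path is
the one named in the advisory, the server accepts the write on HTTP POST, and a 2xx status
means the file was stored. Use only against systems you are authorized to test.
"""
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# Path from the advisory; share ID and file name are taken verbatim from it.
UPLOAD_PATH = "/rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false"
PROBE_BODY = b"cve-2025-14199 probe: harmless text file\n"


def build_request(base_url, path=UPLOAD_PATH, body=PROBE_BODY):
    """Unauthenticated POST of a harmless text file: no session cookie, no token."""
    return urllib.request.Request(
        base_url.rstrip("/") + path,
        data=body,
        method="POST",
        headers={"Content-Type": "text/plain"},
    )


def classify(status):
    """Map the HTTP status to a verdict (assumed mapping, not documented by the vendor):
    2xx      -> the server stored the file without credentials: vulnerable
    401/403  -> the server demanded authentication: the write is gated
    anything else -> inconclusive, inspect the response by hand
    """
    if 200 <= status < 300:
        return "vulnerable"
    if status in (401, 403):
        return "auth-enforced"
    return "inconclusive"


def probe(base_url, timeout=5):
    """Send the probe; return 'vulnerable', 'auth-enforced', 'inconclusive' or 'unreachable'.
    'unreachable' is the expected result once the interface is disabled or firewalled."""
    try:
        with urllib.request.urlopen(build_request(base_url), timeout=timeout) as resp:
            return classify(resp.status)
    except urllib.error.HTTPError as err:    # 4xx/5xx arrive as exceptions
        return classify(err.code)
    except (urllib.error.URLError, OSError):  # refused, filtered, DNS failure, timeout
        return "unreachable"


def start_mock_server(status):
    """Constructed stand-in for a Verysync instance that answers every POST with `status`.
    Returns (server, port). Used for the offline demo below, not for real testing."""
    class Handler(BaseHTTPRequestHandler):
        def do_POST(self):
            self.rfile.read(int(self.headers.get("Content-Length", 0)))
            self.send_response(status)
            self.send_header("Content-Length", "0")
            self.end_headers()

        def log_message(self, *args):  # keep demo output to the verdicts only
            pass

    server = HTTPServer(("127.0.0.1", 0), Handler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, server.server_address[1]


if __name__ == "__main__":
    # Offline demo: an instance that stores the file, one that demands auth, and a dead port.
    for mock_status in (200, 401):
        server, port = start_mock_server(mock_status)
        print(f"mock answering {mock_status}: {probe(f'http://127.0.0.1:{port}')}")
        server.shutdown()
        server.server_close()
    print(f"nothing listening: {probe('http://127.0.0.1:1')}")
```

Point `probe()` at the real base URL (scheme, host and web-interface port) to test an instance; after applying a workaround the same call should return "unreachable" from an untrusted network and "auth-enforced" from a trusted one.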

📡 Detection & Monitoring

Log Indicators:

  • File writes (HTTP POST) to paths under /rest/f/api/resources/ from addresses that are not known administrators
  • Multiple upload attempts, failed or successful, from a single source IP in a short window

Network Indicators:

  • HTTP POST requests to /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false (the PoC path) or to any other path under /rest/f/api/resources/
  • Unusual outbound connections from the Verysync server after such a request, which may indicate an uploaded payload being executed

SIEM Query:

source="verysync.log" AND (uri_path="/rest/f/api/resources/*" AND method="POST")

This query matches every write to the resources API, including legitimate administrator uploads; correlate hits with the response status and with the source address to separate accepted unauthenticated writes from normal use.
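The log and network indicators above, worked through as detection logic over sample access log lines. This is an added example, not part of the advisory or of Verysync; the Common Log Format layout and the log lines themselves are constructed here as an assumption, since the advisory does not describe Verysync's own log format, so adapt `LOG_RE` to what your instance or reverse proxy emits. It goes one step beyond the SIEM query on the page by separating accepted writes from rejected ones and by tracking repeat sources.

```python
"""Detection for CVE-2025-14199 over web-server access logs.

Added example, not from the advisory or from Verysync. The log layout (Common Log Format)
and the sample lines are constructed assumptions; Verysync's real log format is not
described in the advisory.
"""
import re
from collections import Counter

UPLOAD_PREFIX = "/rest/f/api/resources/"
WRITE_METHODS = {"POST", "PUT"}   # POST is what the advisory names; PUT is covered defensively

# Common Log Format: ip ident user [ts] "METHOD uri PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)

# Constructed sample: one source writes two files and is accepted, another is rejected with 401.
SAMPLE_LOG = """\
203.0.113.7 - - [12/Dec/2025:10:01:02 +0000] "GET /rest/f/api/resources/f96956469e7be39d/ HTTP/1.1" 200 512
203.0.113.7 - - [12/Dec/2025:10:01:05 +0000] "POST /rest/f/api/resources/f96956469e7be39d/tmp/text.txt?override=false HTTP/1.1" 200 0
203.0.113.7 - - [12/Dec/2025:10:01:09 +0000] "POST /rest/f/api/resources/f96956469e7be39d/tmp/update.sh?override=false HTTP/1.1" 200 0
198.51.100.4 - - [12/Dec/2025:10:02:00 +0000] "POST /rest/f/api/resources/f96956469e7be39d/docs/report.pdf?override=false HTTP/1.1" 401 0
198.51.100.4 - - [12/Dec/2025:10:02:30 +0000] "GET /login HTTP/1.1" 200 1024
"""


def parse_line(line):
    """Return a dict of fields for one log line, or None if it does not match the layout."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def is_upload_attempt(rec):
    """A write method against the resources API is an upload attempt regardless of outcome."""
    return rec["method"] in WRITE_METHODS and rec["uri"].startswith(UPLOAD_PREFIX)


def analyze(log_text, trusted_ips=frozenset(), repeat_threshold=2):
    """Scan access log text and return:
    accepted        - every 2xx write to the resources API (ip, uri, status)
    alerts          - the accepted writes whose source is not a trusted administrator address
    attempts_by_ip  - upload attempts per source, any status
    repeat_sources  - sources at or above repeat_threshold attempts
    """
    attempts = Counter()
    accepted = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or not is_upload_attempt(rec):
            continue
        attempts[rec["ip"]] += 1
        if 200 <= rec["status"] < 300:
            accepted.append((rec["ip"], rec["uri"], rec["status"]))
    alerts = [hit for hit in accepted if hit[0] not in trusted_ips]
    repeat_sources = sorted(ip for ip, n in attempts.items() if n >= repeat_threshold)
    return {
        "accepted": accepted,
        "alerts": alerts,
        "attempts_by_ip": dict(attempts),
        "repeat_sources": repeat_sources,
    }


if __name__ == "__main__":
    result = analyze(SAMPLE_LOG, trusted_ips={"192.0.2.10"})  # assumed admin address
    for ip, uri, status in result["alerts"]:
        print(f"ALERT accepted write from untrusted {ip}: {uri} ({status})")
    for ip in result["repeat_sources"]:
        print(f"NOTICE {result['attempts_by_ip'][ip]} upload attempts from {ip}")
```

A single accepted write from an address outside the administrator set is already worth an alert on an unpatched instance; the repeat-source count is the secondary signal the page's "multiple attempts from a single IP" indicator refers to, and it fires on rejected attempts too.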
