CVE-2025-25784

9.8 CRITICAL

📋 TL;DR

An arbitrary file upload vulnerability in Jizhicms v2.5.4 allows an attacker to upload a crafted Zip archive containing PHP code through the template upload handled by TemplateController.php. The server unpacks the archive, so the PHP files land in a web-served directory where they can be requested and executed, giving remote code execution (RCE) and potentially full control of the affected host. All installations running Jizhicms v2.5.4 are affected.

💻 Affected Systems

Products:
  • Jizhicms
Versions: v2.5.4
Operating Systems: Any OS running PHP (Linux, Windows, etc.)
Default Config Vulnerable: ⚠️ Yes
Notes: The flaw is in the template upload handled by TemplateController.php. Any Jizhicms installation where that upload endpoint is reachable is vulnerable; the .zip extension of the upload is not the problem, the files the archive unpacks into are.

📦 What is this software?

Jizhicms is an open-source content management system written in PHP, which is why PHP files unpacked from an uploaded archive are executed by the web server as soon as they are requested.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete server compromise: the attacker executes arbitrary commands as the web server user, steals data, installs backdoors, pivots into internal networks and maintains persistent access.

🟠 Likely Case

The attacker drops a web shell, gains administrative control of the site, defaces it, exfiltrates sensitive data, or uses the server for cryptocurrency mining or DDoS traffic.

🟢 If Mitigated

With the template upload endpoint restricted and archive contents validated (or a WAF in front of the endpoint), exploitation attempts are blocked and the impact is limited to failed upload attempts in the logs.

🌐 Internet-Facing: HIGH - Web applications are typically internet-facing, making them directly accessible to attackers without network perimeter restrictions.
🏢 Internal Only: MEDIUM - Internal systems could still be targeted via phishing or compromised internal accounts, but require initial access to the network.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation consists of uploading a crafted Zip archive to the template upload endpoint and then requesting the PHP file it unpacked. Public references indicate that exploitation details are available, so weaponization is likely.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: No official vendor advisory found

Restart Required: No

Instructions:

1. Check for an official patch from the Jizhicms developers.
2. If no patch exists, consider upgrading to a newer release if one is available; because no advisory names a fixed version, confirm from the release notes or by testing that the newer release actually changes the template upload handling.
3. Apply the workarounds below immediately in the meantime.

🔧 Temporary Workarounds

Restrict File Uploads (applies to: all)

Disable the template upload in the Jizhicms configuration, or restrict it to an allow-list of file types.

Because the dangerous content sits inside the archive, the restriction has to apply to the files the archive unpacks into (reject .php, .phtml, .phar and similar, plus .htaccess and .user.ini, which can make other extensions executable), not merely to the .zip extension of the upload itself.

Web Application Firewall Rules (applies to: all)

Implement WAF rules that block malicious uploads to the template upload endpoint.

Configure the WAF to block multipart POSTs carrying Zip files to that endpoint from untrusted source addresses, or restrict the endpoint to administrator addresses. A WAF sees only the compressed archive and cannot reliably inspect its contents, so this buys time rather than replacing server-side validation.

🧯 If You Can't Patch

  • Isolate the Jizhicms instance in a restricted network segment: no direct inbound exposure from the internet, and outbound egress from the web server blocked or limited, so a dropped web shell cannot easily call out
  • Implement strict validation of uploaded archives at the application level: inspect every entry before extraction and reject executable extensions, server config overrides, path traversal, absolute paths and symlink entries
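The archive validation described above, written out as an added example (not Jizhicms project code; the same checks would have to be ported into the PHP upload handler). It gates a template Zip before anything is extracted: every entry is checked for path traversal and absolute paths, symlink entries, per-directory server config files, executable PHP suffixes anywhere in the name (so `x.PhP` and `pic.php.jpg` are both caught), an allow-list of template file types, and a total uncompressed size cap. The suffix lists, the size cap and all entry names are assumptions chosen for illustration; `build_zip` only exists to construct test inputs in memory.

```python
"""Pre-extraction gate for template Zip uploads.

Added example, not Jizhicms project code: the same checks would have to be
ported into the PHP upload handler. Entry names, the suffix lists and the
size cap are assumptions chosen for illustration.
"""
import io
import stat
import zipfile
from typing import Dict, List, Optional

# Suffixes the PHP interpreter or common web server configs treat as executable.
EXECUTABLE_SUFFIXES = {"php", "php3", "php4", "php5", "php7", "php8",
                       "phtml", "pht", "phar", "phps", "inc"}
# What a front-end template archive legitimately needs (assumed allow-list).
ALLOWED_SUFFIXES = {"html", "htm", "css", "js", "json", "txt", "png", "jpg",
                    "jpeg", "gif", "svg", "webp", "ico", "woff", "woff2", "ttf"}
# Per-directory server config files that can make other suffixes executable.
CONFIG_OVERRIDES = {".htaccess", ".user.ini", "web.config"}
MAX_TOTAL_UNCOMPRESSED = 50 * 1024 * 1024  # cap against zip bombs (assumed)


def inspect_template_zip(data: bytes) -> List[str]:
    """Return rejection reasons for the archive; an empty list means it passed."""
    reasons: List[str] = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return ["not a valid Zip archive"]

    total = 0
    with zf:
        for info in zf.infolist():
            name = info.filename
            total += info.file_size
            parts = name.replace("\\", "/").split("/")

            # Extraction must stay inside the template directory.
            if name.startswith(("/", "\\")) or (len(name) > 1 and name[1] == ":") or ".." in parts:
                reasons.append(f"{name!r}: unsafe path")
                continue

            # A symlink entry can point the template tree at arbitrary files.
            if stat.S_ISLNK(info.external_attr >> 16):
                reasons.append(f"{name!r}: symlink entry")
                continue

            if info.is_dir():
                continue

            base = parts[-1]
            if base.lower() in CONFIG_OVERRIDES:
                reasons.append(f"{name!r}: server config override")
                continue

            # Every dotted segment is checked, so 'x.PhP' and 'pic.php.jpg' are both caught.
            segments = [s.lower() for s in base.split(".")[1:]]
            if any(s in EXECUTABLE_SUFFIXES for s in segments):
                reasons.append(f"{name!r}: executable extension")
            elif not segments or segments[-1] not in ALLOWED_SUFFIXES:
                reasons.append(f"{name!r}: suffix not on template allow-list")

    if total > MAX_TOTAL_UNCOMPRESSED:
        reasons.append(f"uncompressed size {total} exceeds cap")
    return reasons


def build_zip(entries: Dict[str, bytes], symlinks: Optional[Dict[str, str]] = None) -> bytes:
    """Build an in-memory archive; used here only to construct test inputs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, content in entries.items():
            zf.writestr(name, content)
        for name, target in (symlinks or {}).items():
            zi = zipfile.ZipInfo(name)
            zi.external_attr = (stat.S_IFLNK | 0o777) << 16  # mark entry as a symlink
            zf.writestr(zi, target)
    return buf.getvalue()


if __name__ == "__main__":
    clean = build_zip({"demo/index.html": b"<h1>demo</h1>", "demo/style.css": b"body{}"})
    # Constructed hostile archive: a harmless PHP marker file, a disguised PHP file,
    # a traversal entry, a config override and a symlink.
    hostile = build_zip(
        {"demo/index.html": b"<h1>demo</h1>",
         "demo/marker.PhP": b"<?php echo 'marker'; ?>",
         "demo/pic.php.jpg": b"\x89PNG",
         "../../index.html": b"<h1>overwrite</h1>",
         "demo/.htaccess": b"AddType application/x-httpd-php .jpg"},
        symlinks={"demo/etc": "/etc"},
    )
    print("clean archive:", inspect_template_zip(clean) or "accepted")
    for reason in inspect_template_zip(hostile):
        print("rejected:", reason)
```

Reject the whole archive on the first bad entry rather than skipping the entry: an archive that carries a web shell next to legitimate templates was not built by a legitimate theme author, and partial extraction leaves the operator guessing what landed on disk.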

🔍 How to Verify

Check if Vulnerable:

Confirm the installed version is v2.5.4 from the version file shipped with the release or from the admin panel. On a system you own, exercise the template upload with a controlled Zip archive containing a harmless marker file (for example a .php file that only echoes a fixed string) and check whether the marker ends up in a web-served directory and is returned as executed PHP.

Check Version:

Read the Jizhicms version from its configuration files or from the admin panel.

Verify Fix Applied:

After applying the workarounds, repeat the controlled upload of a test Zip archive containing a harmless marker file and confirm that the request is blocked or that the marker file is rejected rather than unpacked; then remove any test artefacts from the server.

📡 Detection & Monitoring

Log Indicators:

  • POST requests to the template upload route (the one that dispatches to TemplateController.php) from unexpected source addresses or outside administrative hours
  • A multipart upload followed shortly by a successful request for a newly created .php file under the template or static directories from the same client
  • Repeated failed upload attempts (4xx/5xx responses on the upload route)

Network Indicators:

  • HTTP POST requests carrying Zip archives (multipart/form-data with a .zip filename) to the template upload endpoint
  • Unusual outbound connections from the web server (reverse shells, download of second-stage tooling, mining pool traffic)

SIEM Query:

source="web_logs" AND (uri="/TemplateController.php" OR file_upload="*.zip")

In a PHP MVC application the controller file is reached through a route and is not itself the request path, so replace uri="/TemplateController.php" with the template upload route of your deployment, and adapt the field names to your log schema.
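The second log indicator above, a multipart upload followed by a successful request for a PHP file the site does not normally serve, as an added detection example that is not part of the original page or the Jizhicms project. The log format is an assumption: combined format with the request Content-Type appended as a final quoted field (nginx `$content_type`, Apache `%{Content-Type}i`). The upload route `/admin/template/upload`, the known entry points in `KNOWN_PHP`, the client addresses and the timestamps in `SAMPLE_LOG` are all constructed for illustration.

```python
"""Correlate an upload with a later request for a freshly dropped PHP file.

Added example, not from the page or the Jizhicms project. Assumed log format:
combined format with the request Content-Type appended as a final quoted
field (nginx $content_type, Apache %{Content-Type}i). The upload route,
client addresses and timestamps in SAMPLE_LOG are constructed.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta
from typing import Dict, Iterable, List, Optional, Tuple

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) \S+" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "[^"]*" "(?P<ctype>[^"]*)"$'
)
WINDOW = timedelta(minutes=30)            # how long after an upload a PHP hit still counts
KNOWN_PHP = {"/index.php", "/admin.php"}  # entry points visitors request by name (assumed)
PHP_SUFFIXES = (".php", ".phtml", ".phar")

Record = Tuple[str, datetime, str, str, int, str]


def parse(line: str) -> Optional[Record]:
    """Parse one access-log line into (ip, timestamp, method, path, status, content_type)."""
    m = LOG_RE.match(line)
    if m is None:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    path = m["path"].split("?", 1)[0]  # drop the query string
    return m["ip"], ts, m["method"], path, int(m["status"]), m["ctype"]


def find_upload_then_php(lines: Iterable[str]) -> List[Tuple[str, str, str, str]]:
    """Return (ip, php_path, upload_time, exec_time) for every successful request to a
    non-standard PHP file that follows a multipart upload from the same client."""
    uploads: Dict[str, List[datetime]] = defaultdict(list)
    alerts: List[Tuple[str, str, str, str]] = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ip, ts, method, path, status, ctype = rec
        if method == "POST" and ctype.startswith("multipart/form-data"):
            uploads[ip].append(ts)  # any multipart POST is a candidate archive upload
            continue
        if (status < 400 and path.lower().endswith(PHP_SUFFIXES)
                and path.lower() not in KNOWN_PHP):
            recent = [u for u in uploads[ip] if ts - WINDOW <= u <= ts]
            if recent:
                alerts.append((ip, path, recent[-1].isoformat(), ts.isoformat()))
    return alerts


# Constructed sample: one client uploads and then hits a new PHP file; another just browses.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Mar/2025:09:12:01 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0" "-"
203.0.113.7 - - [10/Mar/2025:09:12:44 +0000] "POST /admin/template/upload HTTP/1.1" 200 210 "-" "Mozilla/5.0" "multipart/form-data; boundary=----demo"
203.0.113.7 - - [10/Mar/2025:09:13:02 +0000] "GET /template/default/marker.php HTTP/1.1" 200 38 "-" "Mozilla/5.0" "-"
198.51.100.5 - - [10/Mar/2025:09:15:10 +0000] "GET /index.php HTTP/1.1" 200 5120 "-" "Mozilla/5.0" "-"
198.51.100.5 - - [10/Mar/2025:09:15:30 +0000] "GET /template/default/style.css HTTP/1.1" 200 900 "-" "Mozilla/5.0" "-"
"""

if __name__ == "__main__":
    for ip, php_path, up, hit in find_upload_then_php(SAMPLE_LOG.splitlines()):
        print(f"ALERT {ip}: uploaded at {up}, then executed {php_path} at {hit}")
```

The correlation keys on the client address and a time window rather than on the upload route, so it still fires when the attacker reaches TemplateController.php through a route name you did not anticipate; tune `KNOWN_PHP` to the PHP entry points your deployment legitimately serves, otherwise normal traffic to them would be flagged.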
