CVE-2025-35113

5.9 MEDIUM

📋 TL;DR

Agiloft Release 28 contains a template injection vulnerability in its EUI template engine that allows authenticated attackers to execute arbitrary code remotely. All deployments of Agiloft Release 28 are affected; exploitation requires an authenticated account. An attacker can craft a malicious payload that is executed when the template engine processes it.

💻 Affected Systems

Products:
  • Agiloft
Versions: Release 28
Operating Systems: All supported platforms
Default Config Vulnerable: ⚠️ Yes
Notes: Requires authenticated access to exploit. All deployments of Release 28 are vulnerable regardless of configuration.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise allowing the attacker to execute arbitrary commands, access sensitive data, pivot to other systems, and maintain persistent access.

🟠 Likely Case

The attacker gains shell access on the Agiloft server, potentially accessing database contents, configuration files, and other sensitive information stored on the system.

🟢 If Mitigated

With proper network segmentation and least-privilege access, impact is limited to the Agiloft application server only.

🌐 Internet-Facing: HIGH
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires authenticated access and knowledge of template injection techniques. No public exploit code available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Release 31

Vendor Advisory: https://wiki.agiloft.com/display/HELP/What%27s+New%3A+CVE+Resolution

Restart Required: No

Instructions:

1. Back up the current Agiloft installation and database.
2. Download Agiloft Release 31 from official vendor sources.
3. Follow the Agiloft upgrade documentation to migrate from Release 28 to Release 31.
4. Verify the upgrade succeeded and the application functions correctly.

🔧 Temporary Workarounds

Restrict authenticated access (applies to: all)

Limit user accounts to only essential personnel and implement strong authentication controls.

Network segmentation (applies to: all)

Isolate Agiloft servers from critical infrastructure and implement strict firewall rules.

🧯 If You Can't Patch

  • Implement strict access controls and monitor all authenticated user activity
  • Deploy web application firewall with template injection protection rules

🔍 How to Verify

Check if Vulnerable:

Check the Agiloft version in the admin interface or via the system information page. If the version is Release 28, the system is vulnerable.

Check Version:

Check Agiloft admin dashboard → System Information → Version

Verify Fix Applied:

After the upgrade, verify that the version shown in the admin interface is Release 31 and confirm that template functionality works normally.

📡 Detection & Monitoring

Log Indicators:

  • Unusual template processing errors
  • Suspicious user activity patterns
  • Unexpected system command execution in logs

Network Indicators:

  • Unusual outbound connections from Agiloft server
  • Suspicious payloads in HTTP requests to template endpoints

SIEM Query:

source="agiloft" AND (event_type="template_error" OR event_type="system_command")
