CVE-2025-55194

5.7 MEDIUM

📋 TL;DR

In Part-DB versions before 1.17.3, any authenticated user can upload a profile picture whose filename ends in a misleading extension (for example .jpg.txt). From then on, every attempt to view or edit that user's profile returns a 500 Internal Server Error: a persistent Denial of Service (DoS) against the affected profile through the web interface that lasts until the offending file is removed out of band. Both regular users and administrators are affected.

💻 Affected Systems

Products:
  • Part-DB
Versions: All versions prior to 1.17.3
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all installations with authenticated user access; no special configuration required for exploitation.

📦 What is this software?

Part-DB is an open-source, self-hosted web application for managing inventories of electronic components and other parts, written in PHP on the Symfony framework. It has per-user accounts, and each user can set a profile picture.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker who can edit other users' accounts (a user-management role, or a compromised administrator account) could upload such a picture for every user, making every profile page return a 500 and breaking user management through the UI. An ordinary user can only break their own profile, but that still leaves administrators unable to open or edit that account from the web interface.

🟠

Likely Case

Malicious or careless users upload problematic profile pictures, causing specific user profiles to become inaccessible until manual database intervention.

🟢

If Mitigated

With proper file extension validation, no impact occurs as malicious uploads are rejected before processing.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires an authenticated account but is trivial: upload a profile picture whose name ends in a non-image extension such as .jpg.txt. No special tooling is needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.17.3

Vendor Advisory: https://github.com/Part-DB/Part-DB-server/security/advisories/GHSA-7rv3-rcxv-69ww

Restart Required: No

Instructions:

1. Back up your Part-DB installation and database.
2. Download version 1.17.3 from the official repository.
3. Replace the existing files with the new version.
4. Clear any caches if applicable.

🔧 Temporary Workarounds

Disable profile picture uploads (all platforms)

Temporarily disable the user profile picture upload functionality in the application configuration, or remove the permission that allows users to change their own picture.

Implement web application firewall rules (all platforms)

Block file uploads with double extensions or other suspicious filename patterns. The filename is carried in the multipart request body, so the WAF must inspect request bodies, and filename-pattern rules are easy to evade; treat this as a stop-gap until the patch is applied.

🧯 If You Can't Patch

  • Restrict user permissions to prevent profile picture uploads for non-administrative users
  • Validate uploads server-side by content (magic bytes / detected MIME type) rather than by filename extension, and store accepted files under a server-generated name whose extension comes from the detected type
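The content-based validation described in the list above, written out as an added example (this is not Part-DB's own code and does not use its API). The image allowlist, the size limit and the server-side naming scheme are assumptions for the example; the point is that the bytes decide, and the client-supplied name never reaches the stored path.

```python
"""Content-based validation for profile-picture uploads (added example, not
Part-DB code). Accept an upload based on what the bytes are (magic numbers),
not on what the client-supplied filename claims, and store the file under a
server-generated name whose extension is derived from the detected type. A
name such as 'avatar.jpg.txt' therefore never reaches the code that later
renders the profile page. Allowlist and size limit are assumptions."""
import os
import secrets
from typing import Optional, Tuple

MAX_BYTES = 2 * 1024 * 1024          # assumed upload limit

# Leading magic bytes for the formats we accept, mapped to a canonical extension.
_SIGNATURES = (
    (b"\xff\xd8\xff", "jpg"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
)
_ALIASES = {"jpeg": "jpg"}            # accepted spellings of the same type


def sniff_image_type(data: bytes) -> Optional[str]:
    """Return the canonical extension for the image type the bytes start with, else None."""
    for magic, ext in _SIGNATURES:
        if data.startswith(magic):
            return ext
    # WebP is a RIFF container: 'RIFF' <4-byte size> 'WEBP'
    if data[:4] == b"RIFF" and data[8:12] == b"WEBP":
        return "webp"
    return None


def declared_extension(filename: str) -> str:
    """Extension the client claims: the part after the LAST dot of the base name,
    lower-cased, aliases normalised. 'avatar.jpg.txt' -> 'txt', which is exactly
    what a naive extension-based handler would act on."""
    base = os.path.basename(filename.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lstrip(".").lower()
    return _ALIASES.get(ext, ext)


def validate_upload(filename: str, data: bytes) -> Tuple[bool, str, Optional[str]]:
    """Decide whether to accept an upload.

    Returns (accepted, reason, stored_name). On acceptance stored_name is a
    random hex name with the extension taken from the *content*, so nothing the
    client typed survives into the stored path.
    """
    if not data:
        return False, "empty upload", None
    if len(data) > MAX_BYTES:
        return False, "upload exceeds size limit", None
    sniffed = sniff_image_type(data)
    if sniffed is None:
        return False, "content is not a supported image type", None
    declared = declared_extension(filename)
    if declared != sniffed:
        # The bytes are a valid image, but the name claims something else.
        # Rejecting (rather than silently renaming) surfaces tampering attempts.
        return False, f"declared extension '{declared}' does not match content '{sniffed}'", None
    stored_name = f"{secrets.token_hex(16)}.{sniffed}"
    return True, "ok", stored_name
```

With this check, `validate_upload("avatar.jpg.txt", <JPEG bytes>)` is rejected because the declared extension is `txt` while the content is JPEG, and an accepted file is stored as `<32 hex chars>.jpg` regardless of the original name.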

🔍 How to Verify

Check if Vulnerable:

Check if Part-DB version is below 1.17.3 by viewing the version in the web interface or checking the installation directory

Check Version:

Check the web interface footer or examine the composer.json file in the installation directory

Verify Fix Applied:

After updating to 1.17.3, attempt to upload a file with a misleading extension (e.g., test.jpg.txt) as a profile picture - it should be rejected

📡 Detection & Monitoring

Log Indicators:

  • 500 Internal Server Error entries for user profile pages, repeated every time the same profile is opened
  • Newly uploaded profile pictures whose names carry a double or non-image extension; the filename travels in the multipart request body and ends up in the application's database and upload directory, not normally in the web-server access log, so look there rather than in access logs

Network Indicators:

  • HTTP POST requests to the profile edit/upload endpoint carrying a multipart filename with a suspicious extension; visible only where request bodies are inspected (WAF, reverse proxy with body logging, or TLS-terminated capture)

SIEM Query:

source="partdb-logs" AND ((status=500 AND uri="/user/profile*") OR filename="*.jpg.txt" OR filename="*.png.txt")

Adjust the uri value to the profile route of your deployment; the filename clauses only match if the log source records uploaded filenames (application or WAF logs, not plain access logs).
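Because uploaded filenames are usually absent from access logs, a more robust detection correlates the outward symptom instead: a POST to the profile-edit form followed, from the same client, by a 500 on the profile page. The following is an added example, not Part-DB code and not from the advisory; the endpoint paths, the correlation window and the log lines are constructed assumptions and should be adjusted to the deployment's real routes.

```python
"""Correlating access-log lines to spot the profile-picture DoS (added
example, not Part-DB code). Instead of matching '*.jpg.txt', which is not in
an access log, look for a POST to the profile-edit form followed by an HTTP
500 on the profile page from the same client within a short window. Endpoint
paths, window and sample log lines are assumptions."""
import re
from collections import Counter
from datetime import datetime, timedelta
from typing import Dict, Iterable, List, Optional

UPLOAD_PATHS = {"/user/settings"}     # assumed: where the profile form posts
PROFILE_PATHS = {"/user/profile"}     # assumed: where the 500 surfaces afterwards
WINDOW = timedelta(minutes=5)         # assumed correlation window

# Combined log format: ip ident user [ts] "METHOD path PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_line(line: str) -> Optional[dict]:
    """Parse one combined-format line; None for lines that do not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "method": m["method"],
        "path": m["path"].split("?", 1)[0],   # drop the query string
        "status": int(m["status"]),
    }


def find_upload_then_500(lines: Iterable[str]) -> List[dict]:
    """One alert per profile-page 500 that follows a profile-form POST from the
    same client within WINDOW. Lines are processed in log order."""
    last_post: Dict[str, datetime] = {}
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None:
            continue
        if ev["method"] == "POST" and ev["path"] in UPLOAD_PATHS:
            last_post[ev["ip"]] = ev["ts"]
        elif ev["status"] == 500 and ev["path"] in PROFILE_PATHS:
            posted = last_post.get(ev["ip"])
            if posted is not None and ev["ts"] - posted <= WINDOW:
                alerts.append({"ip": ev["ip"], "posted_at": posted, "error_at": ev["ts"]})
    return alerts


def profile_500s_by_client(lines: Iterable[str]) -> Counter:
    """Broader indicator: how many profile-page 500s each client saw, regardless
    of cause. A profile that errors on every visit shows up as a steady count."""
    counts: Counter = Counter()
    for line in lines:
        ev = parse_line(line)
        if ev and ev["status"] == 500 and ev["path"] in PROFILE_PATHS:
            counts[ev["ip"]] += 1
    return counts


# Constructed sample: 203.0.113.7 posts the form and its profile breaks seconds later;
# 198.51.100.9 gets a 500 with no preceding POST; 192.0.2.44 posted 90 minutes earlier.
SAMPLE_LOG = """\
192.0.2.44 - - [10/Sep/2025:09:00:00 +0000] "POST /user/settings HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Sep/2025:10:00:01 +0000] "POST /user/settings HTTP/1.1" 302 0 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Sep/2025:10:00:03 +0000] "GET /user/profile HTTP/1.1" 500 1234 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Sep/2025:10:01:00 +0000] "GET /parts HTTP/1.1" 200 5000 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Sep/2025:10:05:00 +0000] "GET /user/profile HTTP/1.1" 500 1234 "-" "Mozilla/5.0"
192.0.2.44 - - [10/Sep/2025:10:30:00 +0000] "GET /user/profile?x=1 HTTP/1.1" 500 1234 "-" "Mozilla/5.0"
garbage line that should be ignored
""".splitlines()

if __name__ == "__main__":
    for a in find_upload_then_500(SAMPLE_LOG):
        print(f"{a['ip']}: form POST at {a['posted_at']:%H:%M:%S}, profile 500 at {a['error_at']:%H:%M:%S}")
    print(profile_500s_by_client(SAMPLE_LOG))
```

On the sample, only 203.0.113.7 produces an alert; 198.51.100.9 never posted the form and 192.0.2.44 posted well outside the window, so both appear only in the per-client 500 count, which is the right place to investigate a profile that has already been broken by someone else.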

🔗 References

  • Vendor advisory (GHSA-7rv3-rcxv-69ww): https://github.com/Part-DB/Part-DB-server/security/advisories/GHSA-7rv3-rcxv-69ww