CVE-2025-60735

7.6 HIGH

📋 TL;DR

PerfreeBlog v4.0.11 contains an arbitrary file upload vulnerability in the installPlugin function: the plugin installer accepts uploaded files without adequate validation, so an attacker who can reach it can place a malicious file on the server. Successful exploitation can lead to arbitrary code execution in the context of the web application.

💻 Affected Systems

Products:
  • PerfreeBlog
Versions: v4.0.11 (the only version named in the CVE; earlier releases are not confirmed either way, so treat them as suspect until the vendor says otherwise)
Operating Systems: Any OS running PerfreeBlog
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in the default installation. The installPlugin function appears to lack proper file validation.

📦 What is this software?

PerfreeBlog is an open-source blog/CMS platform written in Java (Spring Boot). It extends its functionality through plugins that are installed from the administration console, which is the code path the installPlugin function belongs to.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to complete system compromise, data theft, and lateral movement within the network.

🟠

Likely Case

Webshell deployment allowing persistent access, data exfiltration, and further exploitation of the server.

🟢

If Mitigated

File uploads blocked or sanitized, limiting impact to denial of service or temporary disruption.

🌐 Internet-Facing: HIGH - Web applications with file upload functionality are prime targets for automated exploitation.
🏢 Internal Only: MEDIUM - Internal applications still vulnerable but with reduced attack surface from external threats.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: No (the attacker needs an account that can reach the plugin installer)
Complexity: LOW

File upload vulnerabilities of this kind are routinely exploited by automated tooling once a write-up exists. The public write-up referenced by the CVE indicates that exploitation details are available, so assume exposed instances will be probed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://perfree.org.cn/

Restart Required: No (as listed; in practice, replacing the deployed PerfreeBlog package means redeploying and restarting the service)

Instructions:

1. Check the vendor website for security updates.
2. If a patch is available, download and apply it.
3. Verify that the plugin upload path is secured (see "How to Verify" below).

🔧 Temporary Workarounds

Disable Plugin Installation

Platform: all

Temporarily disable the installPlugin functionality to prevent exploitation. If your release offers no configuration switch for this, block the installer route at the reverse proxy (see the WAF rule below) and restrict which accounts can log in to the administration console until a patched version is deployed.

# Look for a plugin-installation setting in the PerfreeBlog configuration files
# If there is none, deny the installPlugin route at the reverse proxy instead

Web Application Firewall Rules

Platform: linux

Implement WAF rules to block uploads of server-side scripts to the plugin installer. The original one-line rule lacked the mandatory id and phase, so ModSecurity would refuse to load it; the corrected ModSecurity v2 rule below needs SecRequestBodyAccess On, and the installPlugin path match is an assumption to adjust to the route your deployment actually exposes.

# Example ModSecurity (mod_security v2) rules: chain the path match with the uploaded-filename check
SecRule REQUEST_URI "@contains installPlugin" \
    "id:60735,phase:2,deny,status:403,log,msg:'Executable upload to PerfreeBlog plugin installer',chain"
    SecRule FILES "@rx (?i)\.(php|phtml|jsp|jspx|asp|aspx|sh|exe)$"

🧯 If You Can't Patch

  • Implement strict file upload validation (whitelist extensions, verify MIME types, scan for malware)
  • Restrict upload directory permissions and disable script execution in upload folders
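The following is an added example of the validation the first bullet describes; it is not PerfreeBlog's own code (the project is Java; Python is used here as a language-neutral illustration). It assumes, which the CVE text does not state, that plugins arrive as ZIP/JAR archives: it allow-lists the extension, checks the container's magic bytes instead of trusting the client's Content-Type, strips client-supplied directory components from the filename, and inspects the archive for zip-slip paths and embedded server-side scripts before anything is written to disk.

```python
import io
import os
import posixpath
import zipfile

# Assumptions (not from the CVE text): plugins are uploaded as ZIP/JAR archives.
# Adjust ALLOWED_EXT to the format your PerfreeBlog release actually expects.
ALLOWED_EXT = {".zip", ".jar"}
ZIP_MAGIC = b"PK\x03\x04"          # local file header of a non-empty ZIP/JAR
SCRIPT_EXT = {".jsp", ".jspx", ".php", ".phtml", ".asp", ".aspx", ".sh", ".exe"}
MAX_BYTES = 20 * 1024 * 1024


class UploadRejected(ValueError):
    """Raised for any upload that fails a check; the caller should log and return 4xx."""


def safe_name(filename):
    """Strip client-supplied directory components; reject empty, hidden or dot names."""
    name = os.path.basename(filename.replace("\\", "/"))
    if not name or name.startswith("."):
        raise UploadRejected(f"bad filename: {filename!r}")
    return name


def validate_plugin_upload(filename, data):
    """Return the archive's entry names if every check passes, otherwise raise UploadRejected."""
    name = safe_name(filename)
    ext = os.path.splitext(name)[1].lower()
    if ext not in ALLOWED_EXT:
        raise UploadRejected(f"extension {ext!r} not allowed")
    if len(data) > MAX_BYTES:
        raise UploadRejected("archive too large")
    if not data.startswith(ZIP_MAGIC):          # trust bytes, not the declared MIME type
        raise UploadRejected("not a ZIP container")
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            entries = zf.namelist()
    except zipfile.BadZipFile as exc:
        raise UploadRejected(f"corrupt archive: {exc}") from exc
    for entry in entries:
        norm = posixpath.normpath(entry.replace("\\", "/"))
        if norm.startswith("/") or norm == ".." or norm.startswith("../"):
            raise UploadRejected(f"zip-slip path: {entry!r}")      # would escape the plugin dir
        if os.path.splitext(norm)[1].lower() in SCRIPT_EXT:
            raise UploadRejected(f"server-side script inside archive: {entry!r}")
    return entries


def rejects(filename, data):
    """True if validate_plugin_upload refuses the upload (convenience for checks)."""
    try:
        validate_plugin_upload(filename, data)
    except UploadRejected:
        return True
    return False


def make_zip(members):
    """Build an in-memory archive from {name: bytes}; used only to construct sample inputs."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member_name, content in members.items():
            zf.writestr(member_name, content)
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed sample inputs, not real plugins.
    good = make_zip({"plugin.json": b"{}", "classes/Hello.class": b"\xca\xfe\xba\xbe"})
    print("benign archive ->", validate_plugin_upload("myplugin.jar", good))
    print("webshell in archive rejected ->", rejects("p.zip", make_zip({"web/shell.jsp": b"<% %>"})))
    print("zip-slip rejected ->", rejects("p.zip", make_zip({"../../evil.txt": b""})))
```

Scanning for malware and setting restrictive permissions on the unpack directory (the second bullet) are separate controls; this code only decides whether an upload is allowed to reach the unpacker at all.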

🔍 How to Verify

Check if Vulnerable:

Check whether the instance runs PerfreeBlog v4.0.11. To confirm the behaviour, use an account that can reach the plugin installer on a staging copy (or with explicit authorisation on production) and attempt to upload a harmless marker file with a server-side script extension; a vulnerable build accepts it. Do not upload an actual webshell to a live system.

Check Version:

# Check PerfreeBlog version in admin panel or configuration files

Verify Fix Applied:

Test file upload functionality with malicious extensions - they should be rejected. Verify version is updated.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to plugin directories
  • Files with executable extensions in upload folders
  • Multiple failed upload attempts

Network Indicators:

  • POST requests to installPlugin endpoint with file uploads
  • Unusual outbound connections from web server

SIEM Query:

source="web_logs" AND method="POST" AND uri="*installPlugin*" AND (file_extension IN ("jsp", "jspx", "php", "asp", "aspx", "exe") OR status>=400)

The original query OR-ed the endpoint match with the extension match, which flags every unrelated script request; restricting it to POSTs against the installer, and then looking at either an executable extension or a failed (4xx/5xx) attempt, keeps the alert focused. The exact installPlugin path and field names depend on your deployment and log schema.
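As an added example (not from the original page or the PerfreeBlog project), the detection logic from the indicator lists above, run over a few constructed access-log lines in combined log format: it flags a client that accumulates failed POSTs to the installer, and a client that installs a plugin and then requests a path with a server-side script extension. The route /admin/plugin/installPlugin and the field layout are assumptions; the CVE only names the function.

```python
import re
from collections import defaultdict

# Combined log format (Apache/Nginx). Sample lines below are constructed for the demo, not real traffic.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)
# Assumed route fragment: the CVE names the installPlugin function, not a URL. Adjust per deployment.
INSTALL_MARKER = "installPlugin"
EXEC_EXT_RE = re.compile(r"\.(jsp|jspx|php|phtml|asp|aspx|sh|exe)(?:\?|$)", re.I)

SAMPLE_LOG = """\
10.0.0.5 - - [10/Oct/2025:12:00:01 +0000] "GET /admin/plugin/list HTTP/1.1" 200 2311 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2025:12:00:05 +0000] "POST /admin/plugin/installPlugin HTTP/1.1" 500 114 "-" "python-requests/2.32"
203.0.113.9 - - [10/Oct/2025:12:00:06 +0000] "POST /admin/plugin/installPlugin HTTP/1.1" 500 114 "-" "python-requests/2.32"
203.0.113.9 - - [10/Oct/2025:12:00:08 +0000] "POST /admin/plugin/installPlugin HTTP/1.1" 200 57 "-" "python-requests/2.32"
203.0.113.9 - - [10/Oct/2025:12:00:09 +0000] "GET /plugins/shell.jsp?cmd=id HTTP/1.1" 200 88 "-" "python-requests/2.32"
10.0.0.5 - - [10/Oct/2025:12:05:00 +0000] "POST /admin/plugin/installPlugin HTTP/1.1" 200 57 "-" "Mozilla/5.0"
"""


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["status"] = int(rec["status"])
    return rec


def analyze(lines, fail_threshold=2):
    """Return {client_ip: [reasons]} for clients matching the log/network indicators."""
    installs = defaultdict(list)   # ip -> HTTP statuses of POSTs to the plugin installer
    exec_hits = defaultdict(set)   # ip -> requested paths ending in a script extension
    for raw in lines:
        rec = parse_line(raw)
        if rec is None:
            continue
        if rec["method"] == "POST" and INSTALL_MARKER in rec["path"]:
            installs[rec["ip"]].append(rec["status"])
        if EXEC_EXT_RE.search(rec["path"]):
            exec_hits[rec["ip"]].add(rec["path"])

    findings = defaultdict(list)
    for ip, statuses in installs.items():
        failures = sum(1 for s in statuses if s >= 400)
        if failures >= fail_threshold:
            findings[ip].append(f"{failures} failed plugin-install attempts")
        if len(statuses) > failures and ip in exec_hits:
            findings[ip].append("plugin install plus request for executable path: "
                                + ", ".join(sorted(exec_hits[ip])))
    for ip, paths in exec_hits.items():
        if ip not in installs:   # script requested under the site without any install by this client
            findings[ip].append("request for executable path: " + ", ".join(sorted(paths)))
    return dict(findings)


if __name__ == "__main__":
    for ip, reasons in analyze(SAMPLE_LOG.splitlines()).items():
        print(ip, "->", "; ".join(reasons))
```

The legitimate administrator (10.0.0.5) performs one successful install and never touches a script path, so it produces no finding; tune fail_threshold and the extension list to your environment before alerting on it.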
