CVE-2025-64714
📋 TL;DR
CVE-2025-64714 is a Local File Inclusion vulnerability in PrivateBin's template-switching feature that allows unauthenticated attackers to read sensitive files or execute arbitrary PHP code. It affects PrivateBin instances that have templateselection enabled in the configuration. Attackers can potentially gain remote code execution if they can also upload malicious PHP files to the server.
💻 Affected Systems
- PrivateBin
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Remote code execution leading to complete server compromise, data theft, and lateral movement within the network.
Likely Case
Information disclosure of sensitive files like configuration files, logs, or other web-accessible data.
If Mitigated
Limited impact with only non-sensitive file reads if proper file permissions and security controls are in place.
🎯 Exploit Status
Exploitation requires templateselection enabled and ability to manipulate the template cookie. RCE requires additional file upload capability.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 2.0.3
Vendor Advisory: https://github.com/PrivateBin/PrivateBin/security/advisories/GHSA-g2j9-g8r5-rg82
Restart Required: No
Instructions:
1. Backup your PrivateBin installation and data.
2. Download PrivateBin version 2.0.3 or later from the official repository.
3. Replace the existing installation files with the new version.
4. Verify configuration files are preserved and working correctly.
🔧 Temporary Workarounds
Disable template selection
Set templateselection to false in the configuration file.
Edit cfg/conf.php (an INI-style file) and, under the [main] section, set: templateselection = false
Or remove the templateselection configuration line entirely
🧯 If You Can't Patch
- Ensure templateselection is set to false in cfg/conf.php configuration file
- Implement web application firewall rules to block requests with suspicious template cookie values
🔍 How to Verify
Check if Vulnerable:
Check if PrivateBin version is between 1.7.7 and 2.0.2 AND templateselection is enabled in cfg/conf.php
Check Version:
Check the version in lib/PrivateBin.php or view the web interface footer
Verify Fix Applied:
Verify PrivateBin version is 2.0.3 or higher OR templateselection is set to false in configuration
📡 Detection & Monitoring
Log Indicators:
- Unusual template cookie values in HTTP requests
- Requests attempting to access non-standard template paths
- PHP include errors referencing unexpected files
Network Indicators:
- HTTP requests with manipulated template cookies
- Attempts to access sensitive file paths via web requests
SIEM Query:
web_access_logs WHERE (cookie CONTAINS 'template=' AND (cookie CONTAINS '../' OR cookie CONTAINS '..\\' OR cookie CONTAINS '/etc/' OR cookie CONTAINS 'config'))
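The SIEM query above only matches raw cookie text, so percent-encoded traversal sequences slip past it. The following added example (not part of the advisory or of PrivateBin) implements the same Log Indicators over constructed access-log lines: it extracts the template cookie, percent-decodes it before applying the page's patterns, and additionally flags any value outside an allowlist of expected template names. The log format (combined format with the Cookie header as the last quoted field), the allowlist contents and the sample lines are all assumptions.

```python
import re
from urllib.parse import unquote

# Assumed allowlist of template names your deployment actually offers;
# replace with the real list from your installation.
ALLOWED_TEMPLATES = {"bootstrap5", "bootstrap-dark"}

# Patterns from the SIEM query, applied after percent-decoding so that
# encoded sequences such as %2e%2e%2f are also caught.
SUSPICIOUS = re.compile(r"\.\./|\.\.\\|/etc/|config", re.IGNORECASE)

# Assumed format: Apache combined log with "%{Cookie}i" appended as the
# last quoted field.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "[^"]*" "(?P<cookie>[^"]*)"$'
)
COOKIE_RE = re.compile(r"(?:^|;\s*)template=([^;]*)")


def template_from_cookie(cookie):
    """Return the decoded template cookie value, or None if absent."""
    m = COOKIE_RE.search(cookie)
    return unquote(m.group(1)) if m else None


def classify(line):
    """Return a finding dict for a suspicious log line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None  # unparseable line; count separately in production
    tpl = template_from_cookie(m.group("cookie"))
    if tpl is None:
        return None
    reasons = []
    if SUSPICIOUS.search(tpl):
        reasons.append("traversal-or-sensitive-path")
    if tpl not in ALLOWED_TEMPLATES:
        reasons.append("not-in-allowlist")
    if not reasons:
        return None
    return {"ip": m.group("ip"), "template": tpl,
            "status": m.group("status"), "reasons": reasons}


def scan(lines):
    """Run classify() over an iterable of log lines and keep the findings."""
    return [f for f in map(classify, lines) if f]


# Constructed sample lines (not real traffic); lines 2 and 3 should be flagged.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Nov/2025:10:00:01 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0" "template=bootstrap5"',
    '203.0.113.9 - - [10/Nov/2025:10:00:07 +0000] "GET / HTTP/1.1" 200 0 "-" "curl/8.4" "template=../../etc/passwd"',
    '203.0.113.9 - - [10/Nov/2025:10:00:09 +0000] "GET / HTTP/1.1" 500 0 "-" "curl/8.4" "template=%2e%2e%2fcfg%2fconf"',
    '198.51.100.2 - - [10/Nov/2025:10:01:00 +0000] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0" "lang=en; template=bootstrap-dark"',
]

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

A PHP include error in the application log for the same client and timestamp (the third Log Indicator above) corroborates a finding from this scan.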