CVE-2025-7877

6.3 MEDIUM

📋 TL;DR

This critical vulnerability in Metasoft MetaCRM allows remote attackers to upload arbitrary files via the sendfile.jsp endpoint. It affects MetaCRM versions up to 6.4.2 and can potentially lead to complete system compromise.

💻 Affected Systems

Products:
  • Metasoft MetaCRM
Versions: up to 6.4.2
Operating Systems: Any OS running MetaCRM
Default Config Vulnerable: ⚠️ Yes
Notes: Vulnerability exists in default configuration of sendfile.jsp endpoint

⚠️ Risk & Real-World Impact

🔴

Worst Case

Remote code execution leading to full system takeover, data exfiltration, and lateral movement within the network

🟠

Likely Case

Webshell deployment allowing persistent backdoor access and data manipulation

🟢

If Mitigated

File upload attempts blocked at perimeter, limiting impact to failed attack attempts

🌐 Internet-Facing: HIGH - Attack can be initiated remotely without authentication
🏢 Internal Only: MEDIUM - Still exploitable from internal networks but attack surface reduced

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public exploit code available on GitHub, simple file upload manipulation

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch is available; the vendor did not respond to disclosure. Consider upgrading to a version above 6.4.2 if one is available, or implement the workarounds below.

🔧 Temporary Workarounds

Block sendfile.jsp access

all

Restrict access to vulnerable endpoint via web server configuration

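# Apache (server or virtual-host context; requires mod_rewrite and RewriteEngine On):
RewriteRule ^/sendfile\.jsp$ - [F]
# Nginx (inside the server block):
location ~ /sendfile\.jsp$ { deny all; }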

Implement file upload validation

all

Add server-side validation for file uploads in MetaCRM

# Modify sendfile.jsp to validate file extensions and content

🧯 If You Can't Patch

  • Implement WAF rules to block malicious file upload patterns
  • Restrict network access to MetaCRM instances to trusted IPs only

🔍 How to Verify

Check if Vulnerable:

Attempt to upload a test file with an arbitrary extension via the sendfile.jsp endpoint

Check Version:

Check MetaCRM version in admin interface or application files

Verify Fix Applied:

Verify file upload restrictions are enforced and sendfile.jsp endpoint is properly secured

📡 Detection & Monitoring

Log Indicators:

  • Multiple POST requests to /sendfile.jsp
  • Upload of files with suspicious extensions (.jsp, .php, .exe)

Network Indicators:

  • Unusual outbound connections from MetaCRM server
  • File upload traffic to sendfile.jsp

SIEM Query:

source="web_server" AND (url="/sendfile.jsp" OR file_extension IN ("jsp", "php", "exe"))
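Added example (not part of the original advisory or any vendor tooling): a log check for the first indicator above that also shows whether the block-rule workaround is holding, since both the Apache [F] rule and the Nginx deny rule answer with 403. It assumes the Apache/Nginx "combined" access-log format; the threshold of 3 and the sample lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# Prefix of a "combined" access-log line: client, timestamp, request line, status.
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3}) ')

def is_sendfile(target):
    """True if the request target resolves to a path ending in /sendfile.jsp."""
    path = unquote(urlsplit(target).path)   # drop the query string, decode %xx
    path = re.sub(r";[^/]*", "", path)      # drop ;jsessionid=... path parameters
    return path.lower().endswith("/sendfile.jsp")

def sendfile_posts(lines):
    """Per client: POSTs to sendfile.jsp, and how many were not answered with 403."""
    stats = defaultdict(lambda: {"posts": 0, "not_blocked": 0})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                        # not a combined-format line
        client, method, target, status = m.groups()
        if method.upper() == "POST" and is_sendfile(target):
            stats[client]["posts"] += 1
            if status != "403":             # request got past the block rule
                stats[client]["not_blocked"] += 1
    return dict(stats)

def alerts(lines, threshold=3):
    """Clients with repeated POSTs, or with any POST that was not blocked."""
    return sorted(c for c, s in sendfile_posts(lines).items()
                  if s["posts"] >= threshold or s["not_blocked"] > 0)

# Constructed sample lines using documentation-range addresses, not real traffic.
TS = "[01/Jan/2025:10:00:00 +0000]"
SAMPLE = [
    f'203.0.113.7 - - {TS} "POST /sendfile.jsp HTTP/1.1" 200 512 "-" "-"',
    f'198.51.100.9 - - {TS} "POST /sendfile.jsp HTTP/1.1" 403 199 "-" "-"',
    f'198.51.100.9 - - {TS} "POST /sendfile.jsp?x=1 HTTP/1.1" 403 199 "-" "-"',
    f'198.51.100.9 - - {TS} "POST /sendfile%2Ejsp HTTP/1.1" 403 199 "-" "-"',
    f'192.0.2.4 - - {TS} "POST /Sendfile.JSP;jsessionid=1 HTTP/1.1" 403 199 "-" "-"',
    f'192.0.2.50 - - {TS} "GET /index.jsp HTTP/1.1" 200 1024 "-" "-"',
]

if __name__ == "__main__":
    for client in alerts(SAMPLE):
        print(client, sendfile_posts(SAMPLE)[client])
```

A non-zero not_blocked count after the workaround is deployed means a request variant is slipping past the web-server rule and the rule needs tightening.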
