CVE-2025-8798

7.3 HIGH

📋 TL;DR

This critical vulnerability in oitcode samarium allows unrestricted file uploads via the Create Product Page component. Attackers can remotely exploit this to upload malicious files, potentially leading to server compromise. All users running samarium versions up to 0.9.6 are affected.

💻 Affected Systems

Products:
  • oitcode samarium
Versions: up to 0.9.6
Operating Systems: All platforms running samarium
Default Config Vulnerable: ⚠️ Yes
Notes: Affects the /dashboard/product endpoint's Create Product Page functionality.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Complete server takeover via remote code execution, data exfiltration, and persistent backdoor installation.

🟠 Likely Case: Webshell deployment leading to unauthorized access, data manipulation, and lateral movement within the network.

🟢 If Mitigated: File upload attempts blocked or quarantined with no successful exploitation.

🌐 Internet-Facing: HIGH - Remote exploitation possible with public exploit available.
🏢 Internal Only: MEDIUM - Still exploitable from internal networks but requires network access.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit disclosed in public GitHub repository; requires access to the vulnerable endpoint.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None available

Restart Required: No

Instructions:

No official patch available. Monitor vendor channels for updates and consider workarounds.

🔧 Temporary Workarounds

Restrict file uploads (applies to: all)

Implement strict file type validation and size limits on the /dashboard/product endpoint.

  # Configure web server (e.g., nginx) to block access to the vulnerable path.
  # Note: "deny all" blocks every request to the page, not just uploads;
  # "limit_except GET { deny all; }" inside the location blocks only POST/PUT.
  location /dashboard/product { deny all; }

Disable vulnerable component (applies to: all)

Temporarily disable the Create Product Page functionality if not essential.

  # Modify application code to disable the upload feature
  # Remove or comment out upload handlers in the product creation logic

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block malicious upload patterns.
  • Isolate the affected system in a restricted network segment with strict outbound filtering.

🔍 How to Verify

Check if Vulnerable:

Check whether the samarium version is ≤0.9.6 and test the file upload functionality at the /dashboard/product endpoint.

Check Version:

Check the package manager or application configuration for the samarium version (e.g., composer.json or composer.lock of the PHP application).

Verify Fix Applied:

Test that file uploads are properly restricted or disabled at the vulnerable endpoint.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads to /dashboard/product
  • Large or unexpected file types in upload logs
  • Failed authentication attempts followed by upload requests

Network Indicators:

  • HTTP POST requests to /dashboard/product with file attachments
  • Unusual outbound connections from the server post-upload

SIEM Query:

source="web_logs" AND url_path="/dashboard/product" AND http_method="POST" AND content_type CONTAINS "multipart/form-data"
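As an added example (not part of this advisory), a small Python sweep over constructed JSON access-log records that applies the SIEM query above and layers on the file-type and size checks from the log indicators. The field names (src_ip, path, content_type, bytes_in, upload_name) and the allowed-extension and size policy are assumptions; plain nginx access logs do not record the uploaded file name.

```python
import json

# Constructed sample access-log records (JSON lines, one request each); not real traffic.
# "upload_name" is assumed to be logged by the app or WAF; plain nginx logs do not have it.
SAMPLE_LOG = """
{"src_ip":"203.0.113.10","method":"GET","path":"/dashboard/product","status":200,"content_type":"","bytes_in":512}
{"src_ip":"203.0.113.10","method":"POST","path":"/dashboard/product","status":302,"content_type":"multipart/form-data; boundary=----x","bytes_in":48211,"upload_name":"cover.png"}
{"src_ip":"198.51.100.7","method":"POST","path":"/dashboard/product","status":302,"content_type":"multipart/form-data; boundary=----y","bytes_in":9031,"upload_name":"update.php"}
{"src_ip":"198.51.100.7","method":"POST","path":"/login","status":401,"content_type":"application/x-www-form-urlencoded","bytes_in":200}
{"src_ip":"192.0.2.5","method":"POST","path":"/dashboard/product/12","status":302,"content_type":"multipart/form-data; boundary=----z","bytes_in":20480,"upload_name":"photo.jpeg"}
{"src_ip":"192.0.2.9","method":"POST","path":"/dashboard/product","status":302,"content_type":"multipart/form-data; boundary=----w","bytes_in":7000000,"upload_name":"big.png"}
"""

ENDPOINT = "/dashboard/product"
ALLOWED_EXT = {"png", "jpg", "jpeg", "gif", "webp"}  # assumed image-only upload policy
MAX_BYTES = 5 * 1024 * 1024                          # assumed request-body size limit

def is_upload_to_endpoint(rec):
    """Mirror the SIEM query: a POST to the product endpoint with a multipart body."""
    path = rec.get("path", "")
    return (rec.get("method") == "POST"
            and (path == ENDPOINT or path.startswith(ENDPOINT + "/"))
            and "multipart/form-data" in rec.get("content_type", "").lower())

def classify(rec):
    """Return the reasons an upload record stands out (empty list = matches policy)."""
    reasons = []
    name = rec.get("upload_name", "")
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if ext not in ALLOWED_EXT:
        reasons.append(f"unexpected file type: {name or '<none>'}")
    if rec.get("bytes_in", 0) > MAX_BYTES:
        reasons.append(f"oversized request body: {rec['bytes_in']} bytes")
    return reasons

def find_suspicious_uploads(log_text):
    """Parse JSON lines; return (src_ip, path, reasons) for every upload hitting the endpoint."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            rec = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip malformed records instead of aborting the sweep
        if is_upload_to_endpoint(rec):
            findings.append((rec.get("src_ip"), rec["path"], classify(rec)))
    return findings
```

Every multipart POST to the endpoint is returned so that a baseline of legitimate uploads is visible; only records with a non-empty reasons list need analyst attention.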
