CVE-2025-51511

Cadmium · CMS

Cadmium CMS version 0.4.9 contains a critical arbitrary file upload vulnerability within the /admin/content/filemanager/uploads endpoint.

Executive summary

An arbitrary file upload vulnerability in Cadmium CMS version 0.4.9 poses a critical risk of remote code execution for affected installations.

Vulnerability

This vulnerability involves an insecure file upload mechanism that allows an unauthenticated or low-privileged attacker to upload arbitrary files to the server. The flaw resides in the file manager utility and potentially allows malicious scripts to execute if they are uploaded to a web-accessible directory.

Business impact

The ability to upload arbitrary files typically results in complete server compromise, as attackers can upload web shells to execute arbitrary commands. Given the CVSS score of 9.8, this vulnerability is critical, posing a severe risk of data exfiltration, unauthorized access to sensitive content, and complete system takeover.

Remediation

Immediate Action: Upgrade to the latest available version of Cadmium CMS immediately to patch the insecure upload handler.

Proactive Monitoring: Review web server access logs for requests directed at /admin/content/filemanager/uploads that return a 200 OK status and contain suspicious file extensions or unusual user-agent strings.

Compensating Controls: Implement a Web Application Firewall (WAF) rule to block unauthorized access to the file manager upload path and restrict file uploads to verified administrative sessions only.
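
The log review described under Proactive Monitoring can be scripted. The following is an added example, not code from the vendor or the original advisory; it assumes Apache/nginx "combined" log format, and the extension list, user-agent patterns and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import unquote

UPLOAD_PATH = "/admin/content/filemanager/uploads"  # endpoint named in the advisory
# Assumed indicator lists; tune them to the runtimes and clients seen in your estate.
SCRIPT_EXT = re.compile(r"\.(?:php\d?|phtml|phar|aspx?|jspx?|cgi|sh)(?![A-Za-z0-9])", re.I)
SCRIPTED_UA = re.compile(r"^-?$|curl|wget|python-requests|go-http-client", re.I)
# Apache/nginx "combined" access log format (assumed).
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def triage(lines):
    """Return (line_no, client_ip, reasons) for suspicious 200 responses on the upload path."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        m = LOG_LINE.match(line)
        if not m or m["status"] != "200":
            continue
        uri = unquote(m["uri"])  # decode %2e-style escapes before matching
        if not uri.split("?", 1)[0].startswith(UPLOAD_PATH):
            continue
        reasons = []
        if SCRIPT_EXT.search(uri):
            reasons.append("script extension in URI")
        if SCRIPTED_UA.search(m["ua"]):
            reasons.append("unusual user agent")
        if reasons:
            findings.append((line_no, m["ip"], reasons))
    return findings

# Constructed sample log lines (documentation IP ranges, hypothetical query parameter).
SAMPLE = [
    '203.0.113.7 - - [10/Jul/2025:10:01:02 +0000] "POST /admin/content/filemanager/uploads HTTP/1.1" 200 512 "https://cms.example/admin" "Mozilla/5.0 (X11; Linux x86_64) Firefox/128.0"',
    '198.51.100.23 - - [10/Jul/2025:10:04:11 +0000] "POST /admin/content/filemanager/uploads HTTP/1.1" 200 87 "-" "python-requests/2.32.3"',
    '198.51.100.40 - - [10/Jul/2025:10:05:30 +0000] "POST /admin/content/filemanager/uploads?file=report%2Ephp HTTP/1.1" 200 87 "-" "Mozilla/5.0 (Windows NT 10.0) Chrome/126.0"',
    '192.0.2.50 - - [10/Jul/2025:10:06:00 +0000] "POST /admin/content/filemanager/uploads HTTP/1.1" 403 0 "-" "curl/8.5.0"',
    '192.0.2.50 - - [10/Jul/2025:10:06:05 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "curl/8.5.0"',
]

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```

Combined-format logs do not record the filename carried in a multipart request body, so an unflagged 200 on this path is not evidence of a benign upload; correlate hits with files newly written under the web root.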

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

This vulnerability represents a critical security gap that could lead to full system compromise. Organizations running Cadmium CMS version 0.4.9 should prioritize applying the vendor-supplied update immediately to mitigate the risk of remote command execution.