CVE-2025-69828
TMS Global Software · TMS Management Console
An unrestricted file upload vulnerability in the TMS Management Console logo upload feature allows remote attackers to execute arbitrary code.
Executive summary
A critical file upload vulnerability in the TMS Global Software Management Console allows remote attackers to execute arbitrary code on the host system.
Vulnerability
This is a remote code execution vulnerability originating from improper validation of files uploaded through the logo upload feature of the /Customer/AddEdit endpoint, and it can be exploited by an unauthenticated remote attacker.
Business impact
With a CVSS score of 10, this vulnerability represents the highest level of risk, enabling complete system compromise. An attacker who gains code execution can take full control of the management console, which may lead to total system takeover, lateral movement across the network, and a complete data breach.
Remediation
Immediate Action: Update the TMS Management Console to the latest available version provided by TMS Global Software.
Proactive Monitoring: Review web server logs for suspicious file upload requests or unauthorized access to the /Customer/AddEdit path.
Compensating Controls: Implement a Web Application Firewall (WAF) to block non-image file types from being uploaded to the management console and restrict access to the administration interface.
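The two defensive measures above, an allowlisting upload check that accepts only genuine image files and a log review that surfaces write requests to /Customer/AddEdit, can be illustrated with a small script. This is an added example written for this page; it is not code from the advisory or from TMS Global Software, and the product itself is not written in Python. It assumes the console sits behind a proxy that writes Common Log Format access logs (an IIS log would need a different pattern), the 2 MiB size cap and the PNG/JPEG/GIF allowlist are assumptions, and the sample log lines are constructed with documentation IP addresses.

```python
import re
import secrets
from collections import Counter
from dataclasses import dataclass

# Allowlisted logo formats (assumption: the console only needs these), keyed by
# lowercase extension, each with the byte prefixes a genuine file of that type starts with.
IMAGE_SIGNATURES = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".gif": (b"GIF87a", b"GIF89a"),
}
MAX_LOGO_BYTES = 2 * 1024 * 1024  # assumption: 2 MiB is ample for a logo


@dataclass
class UploadDecision:
    accepted: bool
    reason: str
    stored_name: str = ""  # server-chosen name; the client-supplied name is never reused


def validate_logo_upload(client_filename: str, content: bytes) -> UploadDecision:
    """Accept a logo only if its final extension is allowlisted AND the bytes match that type."""
    # Drop any directory component the client sent ("..\\..\\x.png" -> "x.png").
    name = re.split(r"[\\/]", client_filename)[-1]
    if not name or "\x00" in name:
        return UploadDecision(False, "empty or malformed filename")
    # Only the final extension counts, so "logo.png.html" is judged as ".html".
    ext = name[name.rfind("."):].lower() if "." in name else ""
    if ext not in IMAGE_SIGNATURES:
        return UploadDecision(False, f"extension {ext or '(none)'} is not an allowed image type")
    if len(content) == 0 or len(content) > MAX_LOGO_BYTES:
        return UploadDecision(False, "empty or oversized upload")
    if not any(content.startswith(sig) for sig in IMAGE_SIGNATURES[ext]):
        return UploadDecision(False, f"content does not match the {ext} signature")
    # Persist under a random server-chosen name with the verified extension, so the
    # client has no influence over the stored path or how the server interprets the file.
    return UploadDecision(True, "ok", f"{secrets.token_hex(16)}{ext}")


# Common Log Format as written by nginx/Apache (assumption: the console is behind such a proxy).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)'
)
UPLOAD_PATH = "/Customer/AddEdit"  # endpoint named in the advisory


def flag_upload_requests(log_lines):
    """Return one finding (ip, timestamp, method, status) per POST/PUT to the upload endpoint.

    A 2xx/3xx response to a write that should require authentication is what to chase first.
    """
    findings = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # lines in another format are skipped, not treated as findings
        path = m["path"].split("?", 1)[0]
        if m["method"] in ("POST", "PUT") and path.lower() == UPLOAD_PATH.lower():
            findings.append((m["ip"], m["ts"], m["method"], int(m["status"])))
    return findings


def writes_per_source(findings):
    """Count upload attempts per source IP to spot bursts from a single origin."""
    return Counter(f[0] for f in findings)


# Constructed sample access log (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Jan/2025:10:00:01 +0000] "GET /Customer/AddEdit?id=7 HTTP/1.1" 200 4312',
    '203.0.113.5 - - [10/Jan/2025:10:00:09 +0000] "POST /Customer/AddEdit HTTP/1.1" 302 0',
    '198.51.100.20 - - [10/Jan/2025:10:01:00 +0000] "GET /Home/Index HTTP/1.1" 200 1024',
    '203.0.113.5 - - [10/Jan/2025:10:01:15 +0000] "POST /Customer/AddEdit HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    print(validate_logo_upload("logo.png", b"\x89PNG\r\n\x1a\n" + b"\x00" * 16))
    print(validate_logo_upload("logo.png.html", b"\x89PNG\r\n\x1a\n"))
    print(validate_logo_upload("logo.png", b"<html>"))
    found = flag_upload_requests(SAMPLE_LOG)
    for f in found:
        print("upload write:", f)
    print("writes per source:", dict(writes_per_source(found)))
```

The validator deliberately checks both the extension and the leading bytes: an extension-only check is defeated by renaming, and a signature-only check is defeated by a file that starts with valid image bytes but is stored under a name the server will execute. Generating the stored name on the server closes the second gap. The log scan is a triage aid, not a detection in itself; pair it with the patch status of the host so that successful writes before the upgrade are reviewed.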
Exploitation status
Public Exploit Available: Unknown
Analyst recommendation
This vulnerability demands immediate attention due to its critical severity and potential for full system compromise. Administrators must prioritize patching the affected console software to prevent unauthorized remote code execution.