CVE-2012-10054 CRITICAL

CVE-2012-10054: Umbraco CMS < 4.7.1 codeEditorSave.asmx RCE

Vendor: Umbraco
Product: CMS
Weakness: CWE-434 · Unrestricted file upload
Published: August 13, 2025
Last update: May 15, 2026

CVSS base score

9.3/10
Attack vector: Network
Attack complexity: Low
Privileges required: None
User interaction: None
Confidentiality: High
Integrity: High

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01 Description

Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via the codeEditorSave.asmx SOAP endpoint, which exposes a SaveDLRScript operation that permits arbitrary file uploads without authentication. By exploiting a path traversal flaw in the fileName parameter, attackers can write malicious ASPX scripts directly into the web-accessible /umbraco/ directory and execute them remotely.

Key dates

02 Disclosure timeline

August 13, 2025: CVE published
May 15, 2026: Record updated
