CVE-2025-0471 CRITICAL

CVE-2025-0471: Unrestricted Upload of File with Dangerous Type vulnerability in PMB platform

Vendor Pmb Services
Product PMB platform
Weakness CWE-434 · Unrestricted file upload
Published January 16, 2025
Last update January 16, 2025

CVSS base score

9.9/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

What the vulnerability does

01Description

Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. This vulnerability could allow an attacker to upload a file to gain remote access to the machine, being able to access, modify and execute commands freely.

Key dates

02Disclosure timeline

January 16, 2025 CVE published
January 16, 2025 Record updated