CVE-2025-48732 - Vulnerability Details - OpenCVE

An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact partial

Vendors	Products
Wwbn	Avideo

Configuration 1 [-]

cpe:2.3:a:wwbn:avideo:14.4:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213

History

Tue, 29 Jul 2025 17:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:2.3:a:wwbn:avideo:14.4:::::::*

Thu, 24 Jul 2025 21:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Wwbn Wwbn avideo
Vendors & Products		Wwbn Wwbn avideo

Thu, 24 Jul 2025 16:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 24 Jul 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description		An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability.
Weaknesses		CWE-184
References		https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213
Metrics		cvssV3_1 `{'score': 7.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L'}`

MITRE

Status: PUBLISHED

Assigner: talos

Published: 2025-07-24T15:10:56.720Z

Updated: 2025-07-24T15:31:06.971Z

Reserved: 2025-07-09T14:07:20.743Z

Link: CVE-2025-48732

Vulnrichment

Updated: 2025-07-24T15:31:02.039Z

NVD

Status : Analyzed

Published: 2025-07-24T16:15:32.167

Modified: 2025-07-29T16:52:21.187

Link: CVE-2025-48732

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-48732", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "state": "PUBLISHED", "assignerShortName": "talos", "dateReserved": "2025-07-09T14:07:20.743Z", "datePublished": "2025-07-24T15:10:56.720Z", "dateUpdated": "2025-07-24T15:31:06.971Z"}, "containers": {"cna": {"affected": [{"vendor": "WWBN", "product": "AVideo", "versions": [{"version": "14.4", "status": "affected"}, {"version": "dev master commit 8a8954ff", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-184: Incomplete Blacklist", "type": "CWE", "cweId": "CWE-184"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH"}}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2025-07-24T15:10:56.720Z"}, "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213"}], "credits": [{"lang": "en", "value": "Discovered by Claudio Bozzato of Cisco Talos."}]}, "adp": [{"references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-24T15:30:54.337719Z", "id": "CVE-2025-48732", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-24T15:31:06.971Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-48732", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-07-24T15:30:54.337719Z"}}}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-24T15:31:02.039Z"}}], "cna": {"credits": [{"lang": "en", "value": "Discovered by Claudio Bozzato of Cisco Talos."}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.3, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "WWBN", "product": "AVideo", "versions": [{"status": "affected", "version": "14.4"}, {"status": "affected", "version": "dev master commit 8a8954ff"}]}], "references": [{"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213", "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213"}], "descriptions": [{"lang": "en", "value": "An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-184", "description": "CWE-184: Incomplete Blacklist"}]}], "providerMetadata": {"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "shortName": "talos", "dateUpdated": "2025-07-24T15:10:56.720Z"}}}, "cveMetadata": {"cveId": "CVE-2025-48732", "state": "PUBLISHED", "dateUpdated": "2025-07-24T15:31:06.971Z", "dateReserved": "2025-07-09T14:07:20.743Z", "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b", "datePublished": "2025-07-24T15:10:56.720Z", "assignerShortName": "talos"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:wwbn:avideo:14.4:*:*:*:*:*:*:*", "matchCriteriaId": "E6526CF6-ED23-4EBE-829F-90CD3BAA006A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An incomplete blacklist exists in the .htaccess sample of WWBN AVideo 14.4 and dev master commit 8a8954ff. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can request a .phar file to trigger this vulnerability."}, {"lang": "es", "value": "Existe una lista negra incompleta en la muestra .htaccess de WWBN AVideo 14.4 y el commit de desarrollo principal 8a8954ff. Una solicitud HTTP especialmente manipulada puede provocar la ejecuci\u00f3n de c\u00f3digo arbitrario. Un atacante puede solicitar un archivo .phar para activar esta vulnerabilidad."}], "id": "CVE-2025-48732", "lastModified": "2025-07-29T16:52:21.187", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 7.3, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.4, "source": "talos-cna@cisco.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-07-24T16:15:32.167", "references": [{"source": "talos-cna@cisco.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "tags": ["Exploit", "Third Party Advisory"], "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2025-2213"}], "sourceIdentifier": "talos-cna@cisco.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-184"}], "source": "talos-cna@cisco.com", "type": "Primary"}]}