logo_clicknbuy.png

CVE-2025-34097 – ProcessMaker Unrestricted File Upload Vulnerability (Remote Code Execution)

The following table lists the changes that have been made to the
CVE-2025-34097 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution
of a vulnerability, and for identifying the most recent changes that may
impact the vulnerability’s severity, exploitability, or other characteristics.

  • New CVE Received
    by [email protected]

    Jul. 10, 2025

    Action Type Old Value New Value
    Added Description An unrestricted file upload vulnerability exists in ProcessMaker versions prior to 3.5.4 due to improper handling of uploaded plugin archives. An attacker with administrative privileges can upload a malicious .tar plugin file containing arbitrary PHP code. Upon installation, the plugin’s install() method is invoked, resulting in execution of attacker-supplied PHP code on the server with the privileges of the web server user. This vulnerability can be chained with CVE-2022-38577 — a privilege escalation flaw in the user profile page — to achieve full remote code execution from a low-privileged account.
    Added CVSS V4.0 AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
    Added CWE CWE-434
    Added Reference https://process-maker-authenticated-plugin-upload-rce
    Added Reference https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/processmaker_plugin_upload.rb
    Added Reference https://vulncheck.com/advisories/process-maker-authenticated-plugin-upload-rce
    Added Reference https://wiki.processmaker.net/3.0/Plugin_Development
    Added Reference https://www.exploit-db.com/exploits/44399
    Added Reference https://www.fortiguard.com/encyclopedia/ips/45757
Share the Post:

Related Posts