appRain CMF 4.0.5 Authenticated Remote Code Execution via Filemanager Upload

Advisories

severity: high
date: December 10, 2025
Affecting: appRain CMF 4.0.5
CVE: CVE-2024-58279
CWE: CWE-434 Unrestricted Upload of File with Dangerous Type
CVSS: 8.6
CVSS V4 Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
References: ExploitDB-52041
appRain Homepage
appRain GitHub Repo
Credit: Ahmet Ümit BAYRAM
Description: appRain CMF 4.0.5 contains an authenticated remote code execution vulnerability that allows administrative users to upload malicious PHP files through the filemanager upload endpoint. Attackers can leverage authenticated access to generate a web shell with command execution capabilities by uploading a crafted PHP file to the site's uploads directory.