Cyber Posture

CVE-2025-15589

Low · Public PoC

Published: 24 February 2026

Modified: 26 February 2026
KEV Added
Patch
CVSS Score: 3.8 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L)
EPSS Score: 0.0018 (39.4th percentile)
Risk Priority: 8 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-15589 is a low-severity Path Traversal (CWE-22) vulnerability in MuYuCMS. Its CVSS base score is 3.8 (Low).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data Destruction (T1485). The CVE ranks at the 39.4th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

Threat & Defense at a Glance

What attackers do: exploitation maps to Data Destruction (T1485) and 1 other technique.
Threat & Defense Details

Likely Mitigating Controls (AI)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-22

Validates pathnames and filenames to prevent traversal outside intended directories.

MITRE ATT&CK Enterprise Techniques (AI)

T1485 Data Destruction (Impact)
Adversaries may destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources.

T1070.004 File Deletion (Stealth)
Adversaries may delete files left behind by the actions of their intrusion activity.

Why these techniques?

Path traversal in delete_dir_file enables arbitrary file/directory deletion, directly supporting data destruction (T1485) and file deletion for defense evasion (T1070.004).

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

A vulnerability was determined in MuYuCMS 2.7. Affected is the function delete_dir_file of the file application/admin/controller/Template.php of the component Template Management Page. This manipulation of the argument temn/tp causes path traversal. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Deeper analysis (AI)

CVE-2025-15589 is a path traversal vulnerability (CWE-22) affecting MuYuCMS version 2.7. The issue resides in the delete_dir_file function within the file application/admin/controller/Template.php of the Template Management Page. It arises from manipulation of the temn/tp argument, enabling attackers to traverse directories outside the intended path.

The vulnerability is exploitable remotely over the network (AV:N) with low attack complexity (AC:L), but requires high privileges (PR:H) and no user interaction (UI:N). Exploitation remains in the same security scope (S:U) and results in no confidentiality impact (C:N), low integrity impact (I:L), and low availability impact (A:L), yielding a CVSS v3.1 base score of 3.8.

Advisories from VulDB and related disclosures indicate that a proof-of-concept exploit has been publicly released on GitHub, which may be utilized by attackers. The vendor was contacted early regarding the issue but provided no response, and no patches or official mitigations are available.

Details

CWE(s)

Affected Products

muyucms
muyucms
2.7

CVEs Like This One

CVE-2025-13377 (Shared CWE-22)
CVE-2026-27040 (Shared CWE-22)
CVE-2026-24135 (Shared CWE-22)
CVE-2024-13897 (Shared CWE-22)
CVE-2025-68862 (Shared CWE-22)
CVE-2025-65879 (Shared CWE-22)
CVE-2026-31913 (Shared CWE-22)
CVE-2025-5391 (Shared CWE-22)
CVE-2026-25161 (Shared CWE-22)
CVE-2026-24969 (Shared CWE-22)
