CVE-2025-2035
Published: 06 March 2025
Summary
CVE-2025-2035 is a medium-severity Improper Access Control (CWE-284) vulnerability in S-A-Zhd Ecommerce-Website-Using-Php. Its CVSS base score is 6.3 (Medium).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 25.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-9 (Information Input Restrictions).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Validates inputs to the /customer_register.php 'name' argument to block manipulation enabling unrestricted uploads of dangerous files.
Restricts file types, sizes, and characteristics accepted by the customer registration functionality to prevent uploads of dangerous types.
Scans files at web application boundaries for malicious code to mitigate exploitation of the unrestricted upload vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unrestricted file upload in public-facing PHP web application (/customer_register.php) enables exploitation of public-facing applications (T1190) and staging tools/malware by uploading arbitrary dangerous files for execution (T1608.002), as explicitly mapped in advisories and leading to RCE.
NVD Description
A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /customer_register.php. The manipulation of the argument name leads to unrestricted upload. The attack may be launched remotely.…
more
The exploit has been disclosed to the public and may be used.
Deeper analysisAI
CVE-2025-2035 is a critical vulnerability in s-a-zhd Ecommerce-Website-using-PHP version 1.0, affecting an unknown functionality within the /customer_register.php file. The issue arises from manipulation of the "name" argument, enabling unrestricted file upload. It is associated with CWEs-284 (Improper Access Control) and CWE-434 (Unrestricted Upload of File with Dangerous Type), carrying a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
A remote attacker with low privileges, such as a registered user, can exploit this vulnerability with low complexity and no user interaction required. Successful exploitation allows limited impacts on confidentiality, integrity, and availability, potentially enabling the upload of malicious files through the customer registration process.
Advisories provide further details via VulDB entries (ctiid.298778, id.298778, submit.512404) and websecurityinsights.my.id. No specific patches or mitigations are detailed in the available information.
The exploit has been publicly disclosed and may be used by attackers.
Details
- CWE(s)