CVE-2025-46384
Published: 20 July 2025
Summary
CVE-2025-46384 is a high-severity Unrestricted Upload of File with Dangerous Type (CWE-434) vulnerability in Gov (the affected product is inferred from the references). Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE is ranked in the top 44.5% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are the NIST 800-53 controls SI-10 (Information Input Validation) and SI-9 (Information Input Restrictions).
Deeper analysis
CVE-2025-46384, published on 2025-07-20T15:15:24.340, is a vulnerability classified as CWE-434: Unrestricted Upload of File with Dangerous Type. It has a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting high severity due to its potential for significant confidentiality, integrity, and availability impacts.
The vulnerability can be exploited over the network with low attack complexity by an attacker holding low privileges, without user interaction and without a change of scope. Successful exploitation yields high impact on confidentiality, integrity, and availability, potentially enabling full system compromise through the upload of malicious files.
For mitigation details, refer to the advisory at https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-22022
Vulnerability details
CWE-434 Unrestricted Upload of File with Dangerous Type
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unrestricted file upload (CWE-434) on a network-accessible application directly enables web shell deployment and exploitation of public-facing apps for initial access and execution.
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): directly mitigates CWE-434 by validating uploaded file types and contents at system entry points to block dangerous files.
- SI-9 (Information Input Restrictions): enforces restrictions on the types and sources of uploaded information, preventing unrestricted uploads of dangerous file types by low-privileged attackers.
- Malicious code protection: detects and eradicates malicious code in uploaded dangerous files, limiting the confidentiality, integrity, and availability impacts of exploitation.