CVE-2025-48492
Published: 30 May 2025
Summary
CVE-2025-48492 is a high-severity Command Injection (CWE-77) vulnerability in Getsimple-Ce Getsimple Cms. Its CVSS base score is 8.6 (High).
Operationally, it ranks in the top 13.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
Deeper analysis
GetSimple CMS versions 3.3.16 through 3.3.21 contain a command-injection flaw (CWE-77) that permits an authenticated user with Edit-component access to write arbitrary PHP code into a component file. The injected code can then be executed by supplying a crafted query string, yielding remote code execution with full impact on confidentiality, integrity, and availability.
An attacker who already possesses a valid account with Edit rights can therefore upload and trigger malicious PHP payloads without further user interaction, resulting in complete compromise of the affected CMS instance.
The public GitHub Security Advisory GHSA-g435-p72m-p582 states that the issue will be corrected in the forthcoming 3.3.22 release.
EPSS remains low and unchanged at 0.0280, indicating no observable increase in exploitation interest after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-28235
Vulnerability details
GetSimple CMS is a content management system. In versions starting from 3.3.16 to 3.3.21, an authenticated user with access to the Edit component can inject arbitrary PHP into a component file and execute it via a crafted query string, resulting in Remote Code Execution (RCE). This issue is set to be patched in version 3.3.22.
- CWE(s): CWE-77 (Command Injection)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.