CVE-2025-50722
Published: 25 August 2025
Summary
CVE-2025-50722 is a critical-severity Command Injection (CWE-77) vulnerability in SparkShop. Its CVSS base score is 9.8 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 19.5% of CVEs by exploit likelihood, is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2025-50722 is an insecure permissions vulnerability affecting SparkShop version 1.1.7. The flaw resides in the Common.php component and is tracked under CWE-77. It carries a CVSS 3.1 score of 9.8, reflecting a network attack vector, low attack complexity, and no required privileges or user interaction.
A remote attacker can exploit the weakness to execute arbitrary code on the affected installation, resulting in full compromise of confidentiality, integrity, and availability. The EPSS score remains flat at 0.0135 with no material increase since disclosure.
The sole public reference is a technical document hosted on GitHub that describes the issue; no vendor advisory or patch information is provided in the available references.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-25713
Vulnerability details
Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component
- CWE(s): CWE-77 (Command Injection)
Related Threats
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
- T1059.004 Command and Scripting Interpreter: Unix Shell
Why these techniques?
Remote unauthenticated command injection (CWE-77) in public-facing PHP app directly enables T1190 exploitation and T1059.004 Unix shell command execution.
Mitigating Controls (NIST 800-53 r5)
- Directly remediates the insecure permissions flaw in Common.php of SparkShop v1.1.7 that enables arbitrary code execution.
- SI-10 (Information Input Validation): validates inputs to the Common.php component to prevent command injection exploits (CWE-77) leading to RCE.
- AC-3 (Access Enforcement): enforces access controls on the Common.php component to mitigate insecure permissions allowing unauthenticated remote access and code execution.