CVE-2025-44658

{"id": "CVE-2025-44658", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2025-07-21T16:15:29.560", "references": [{"url": "https://gist.github.com/TPCchecker/c72eea7a3f89070dab7dfdbf7504b2d6", "tags": ["Broken Link"], "source": "cve@mitre.org"}, {"url": "https://www.netgear.com/about/security/", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "https://www.notion.so/CVE-2025-44658-24754a1113e780df8f72c779a108f75b", "tags": ["Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "In Netgear RAX30 V1.0.10.94, a PHP-FPM misconfiguration vulnerability is caused by not following the specification to only limit FPM to .php extensions. An attacker may exploit this by uploading malicious scripts disguised with alternate extensions and tricking the web server into executing them as PHP, bypassing security mechanisms based on file extension filtering. This may lead to remote code execution (RCE), information disclosure, or full system compromise."}, {"lang": "es", "value": "En Netgear RAX30 V1.0.10.94, una vulnerabilidad de configuraci\u00f3n incorrecta de PHP-FPM se debe a que no se sigue la especificaci\u00f3n que limita FPM \u00fanicamente a las extensiones .php. Un atacante podr\u00eda explotar esto subiendo scripts maliciosos camuflados con extensiones alternativas y enga\u00f1ando al servidor web para que los ejecute como PHP, evadiendo as\u00ed los mecanismos de seguridad basados en el filtrado de extensiones de archivo. Esto puede provocar la ejecuci\u00f3n remota de c\u00f3digo (RCE), la divulgaci\u00f3n de informaci\u00f3n o la vulneraci\u00f3n total del sistema."}], "lastModified": "2025-08-07T17:57:40.350", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:netgear:rax30_firmware:1.0.10.94:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2F37A1A-52D1-4116-955B-D3573BA24645"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:h:netgear:rax30:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "EBC92B49-60E0-4554-BE7F-D2B5D6EF6454"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "cve@mitre.org"}