CVE-2023-25654
- Source
- https://cve.org/CVERecord?id=CVE-2023-25654
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-25654.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-25654
- Aliases
- Published
- 2023-03-23T19:22:30.154Z
- Modified
- 2026-04-12T04:22:50.441423Z
- Severity
-
- 9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- baserCMS File Uploader Remote Code Execution (RCE) vulnerability
- Details
-
baserCMS is a Content Management system. Prior to version 4.7.5, there is a Remote Code Execution (RCE) Vulnerability in the management system of baserCMS. Version 4.7.5 contains a patch.
- Database specific
{ "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/25xxx/CVE-2023-25654.json", "cna_assigner": "GitHub_M", "cwe_ids": [ "CWE-434" ] }- References
-
- https://github.com/baserproject/basercms/releases/tag/basercms-4.7.5
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/25xxx/CVE-2023-25654.json
- https://github.com/baserproject/basercms/security/advisories/GHSA-h4cc-fxpp-pgw9
- https://nvd.nist.gov/vuln/detail/CVE-2023-25654
- https://github.com/baserproject/basercms/commit/002886be0998c74c386e04f0b43688a8a45d7a96
- https://github.com/baserproject/basercms/commit/08247f0a633d8e836ce2e5cd2d53aa19901a1359
- https://github.com/baserproject/basercms/commit/60f83054d8131b0ace60716cec7e629b5eb3a8f0
Affected packages
Git / github.com/baserproject/basercms
Affected ranges
- Type
- GIT
- Repo
- https://github.com/baserproject/basercms
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixedFixedFixedFixed
- Database specific
{ "cpe": "cpe:2.3:a:basercms:basercms:*:*:*:*:*:*:*:*", "extracted_events": [ { "introduced": "0" }, { "fixed": "4.7.5" } ], "source": [ "CPE_FIELD", "REFERENCES" ] }
Affected versions
2.*
2.0.0
2.0.0-beta
2.0.1
2.0.2
2.0.3
2.1.0
2.1.2
3.*
3.0.0
3.0.1
3.0.2
3.0.3
3.0.4
3.0.5
3.0.5.1
3.0.6
3.0.6-beta
3.0.7
4.*
4.0.0
4.0.0-beta
4.0.6
4.0.7
4.1.0
4.1.0.1
4.1.1
4.1.2
4.2.2
4.2.4
4.3.0
4.3.3
4.3.5
4.3.6
4.3.7
4.3.7.1
4.4.0
4.4.1.1
4.4.2.1
4.4.3
4.4.4
4.4.6
4.4.8
4.5.0
4.5.1
4.5.2
4.6.0
4.6.1
4.6.1.1
4.6.2
4.7.0
4.7.2
4.7.3