CVE-2025-55010

{"id": "CVE-2025-55010", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 2.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2025-08-12T16:15:28.540", "references": [{"url": "https://github.com/kanboard/kanboard/blob/b033c0e0f982f8158e240bce8ab54c29727f8efe/app/Formatter/ProjectActivityEventFormatter.php#L43-L57", "tags": ["Product"], "source": "security-advisories@github.com"}, {"url": "https://github.com/kanboard/kanboard/commit/7148ac092e5db6b33e0fc35e04bca328d96c1f6f", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r", "tags": ["Exploit", "Third Party Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-502"}]}], "descriptions": [{"lang": "en", "value": "Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, an unsafe deserialization vulnerability in the ProjectEventActvityFormatter allows admin users the ability to instantiate arbitrary php objects by modifying the event[\"data\"] field in the project_activities table. A malicious actor can update this field to use a php gadget to write a web shell into the /plugins folder, which then gives remote code execution on the host system. This issue has been patched in version 1.2.47."}, {"lang": "es", "value": "Kanboard es un software de gesti\u00f3n de proyectos basado en la metodolog\u00eda Kanban. Antes de la versi\u00f3n 1.2.47, una vulnerabilidad de deserializaci\u00f3n insegura en ProjectEventActvityFormatter permit\u00eda a los administradores instanciar objetos PHP arbitrarios modificando el campo event[\"data\"] en la tabla project_activities. Un atacante puede actualizar este campo para usar un gadget PHP y escribir un shell web en la carpeta /plugins, lo que permite la ejecuci\u00f3n remota de c\u00f3digo en el sistema host. Este problema se ha corregido en la versi\u00f3n 1.2.47."}], "lastModified": "2025-08-22T17:28:18.667", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:kanboard:kanboard:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8725B482-0964-41C2-9E52-AB3DB5BE0976", "versionEndExcluding": "1.2.47"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}