CVE-2025-9400

YiFang CMS P_file.php mergeMultipartUpload unrestricted upload

Severity Score

5.3

*CVSS v4

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

Track*

*SSVC

Descriptions

MITRE
MITRE

A flaw has been found in YiFang CMS up to 2.0.5. This affects the function mergeMultipartUpload of the file app/utils/base/plugin/P_file.php. This manipulation of the argument File causes unrestricted upload. Remote exploitation of the attack is possible. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Eine Schwachstelle wurde in YiFang CMS bis 2.0.5 gefunden. Betroffen davon ist die Funktion mergeMultipartUpload der Datei app/utils/base/plugin/P_file.php. Mittels Manipulieren des Arguments File mit unbekannten Daten kann eine unrestricted upload-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit wurde der Öffentlichkeit bekannt gemacht und könnte verwendet werden.

*Credits: Yu Bao

CVSS Scores

Attack Vector

Network

Attack Complexity

Low

Attack Requirements

None

Privileges Required

Low

User Interaction

None

System

Vulnerable | Subsequent

Confidentiality

Low

None

Integrity

Low

None

Availability

Low

None

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Attack Vector

Network

Attack Complexity

Low

Authentication

Single

Confidentiality

Partial

Integrity

Partial

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:Track*

Exploitation

Poc

Automatable

Tech. Impact

Partial

* Organization's Worst-case Scenario

Timeline

2025-08-24 CVE Reserved
2025-08-25 CVE Published
2025-08-25 CVE Updated
2025-08-25 EPSS Updated
2025-08-25 First Exploit
---------- Exploited in Wild
---------- KEV Due Date

CWE

CWE-284: Improper Access Control
CWE-434: Unrestricted Upload of File with Dangerous Type

CAPEC

References (4)

URL	Tag	Source
https://vuldb.com/?id.321236	Vdb Entry
https://vuldb.com/?submit.632535	Third Party Advisory
https://github.com/August829/Yu/blob/main/20250811_3.md	Related

URL	Date	SRC
https://github.com/August829/Yu/blob/main/20250811_3.md#poc	2025-08-25

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
YiFang Search vendor "YiFang"		CMS Search vendor "YiFang" for product "CMS"				2.0.0 Search vendor "YiFang" for product "CMS" and version "2.0.0"		en		Affected
YiFang Search vendor "YiFang"		CMS Search vendor "YiFang" for product "CMS"				2.0.1 Search vendor "YiFang" for product "CMS" and version "2.0.1"		en		Affected
YiFang Search vendor "YiFang"		CMS Search vendor "YiFang" for product "CMS"				2.0.2 Search vendor "YiFang" for product "CMS" and version "2.0.2"		en		Affected
YiFang Search vendor "YiFang"		CMS Search vendor "YiFang" for product "CMS"				2.0.3 Search vendor "YiFang" for product "CMS" and version "2.0.3"		en		Affected
YiFang Search vendor "YiFang"		CMS Search vendor "YiFang" for product "CMS"				2.0.4 Search vendor "YiFang" for product "CMS" and version "2.0.4"		en		Affected
YiFang Search vendor "YiFang"		CMS Search vendor "YiFang" for product "CMS"				2.0.5 Search vendor "YiFang" for product "CMS" and version "2.0.5"		en		Affected