CVE-2025-1980

Sažetak

The Ready_ application's Profile section allows users to upload files of any type and extension without restriction. If the server is misconfigured, as it was by default when installed at the turn of 2021 and 2022, it can result in Remote Code Execution. Refer to the Required Configuration for Exposure section for more information.

Reference

https://cert.pl/en/posts/2025/04/CVE-2025-1980
https://cert.pl/posts/2025/04/CVE-2025-1980
https://ready-os.com/pl/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

16-04-2025 - 13:25

Objavljeno

16-04-2025 - 13:15