How severe is CVE-2025-65602?

CVE-2025-65602 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-65602

Name: chancms
Author: chancms

9.8CRITICAL

A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request.

公開日: 12/10/2025更新日: 12/18/2025

説明

A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request.

AI分析AIによる分析

影響を受ける製品

chancmschancms

3.3.4

参照

https://gitee.com/chancms/ChanCMS
Product
https://www.notion.so/ChanCMS-Unauthenticated-RCE-2a3ee9235ba380fc9973e16c06258689
Permissions Required
https://www.notion.so/ChanCMS-Unauthenticated-RCE-2a3ee9235ba380fc9973e16c06258689?source=copy_link
Permissions Required