How severe is CVE-2025-65602?

CVE-2025-65602 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-65602

Name: chancms
Author: chancms

9.8CRITICAL

A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request.

发布于: 12/10/2025更新于: 12/18/2025

描述

A template injection vulnerability in the /vip/v1/file/save component of ChanCMS v3.3.4 allows attackers to execute arbitrary code via a crafted POST request.

AI分析AI驱动

受影响产品

chancmschancms

3.3.4

参考资料

https://gitee.com/chancms/ChanCMS
Product
https://www.notion.so/ChanCMS-Unauthenticated-RCE-2a3ee9235ba380fc9973e16c06258689
Permissions Required
https://www.notion.so/ChanCMS-Unauthenticated-RCE-2a3ee9235ba380fc9973e16c06258689?source=copy_link
Permissions Required