CRITICAL🇵🇱 Wersja polska

CVE-2025-69828

CVSS 10.0v3.1pub. 2026-01-22upd. 2026-04-15

File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit

🤖 AI Analysis
How it works

The vulnerability (CWE-434 – Unrestricted Upload of File with Dangerous Type) occurs at the /Customer/AddEdit endpoint, specifically in the logo upload function. The application does not properly verify the type or content of the uploaded file, allowing an attacker to upload a malicious executable file (e.g., webshell) instead of an image. Once the file is placed on the server, the attacker can trigger its execution, thereby achieving remote code execution (RCE) on the target host.

Impact

An unauthenticated attacker operating over the network can gain full control of the server — including reading and modifying data, installing malicious software, and the ability to move laterally through the infrastructure (lateral movement).

Mitigation & patch

Apply patches available from the vendor according to the references. Until the patch is implemented, it is recommended to restrict access to the /Customer/AddEdit endpoint at the firewall or WAF level and disable the logo upload function if it is not operationally necessary.

Who is affected

TMS Global Software TMS Management Console version 6.3.7.27386.20250818

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCE
CWE
References