VDB

CVE-2025-2746

CVE-2025-2746 PUBLISHED KEV CVSS 9.3 CRITICAL

CVE-2025-2746: A remote attacker without privileges can gain administrative privileges and control admin objects by exploiting the improper authentication in the password handling of empty SHA1 usernames in the Staging Sync Server.

CVE-2025-2747: A remote attacker without privileges can gain administrative privileges and control admin objects by exploiting the improper authentication in the password handling for the type “None” as defined by the Staging Sync Server.

CVE-2025-2749: A remote attacker with high privileges can upload arbitrary files to any location and execute path traversal by exploiting this improper limitation of a pathname to a restricted directory vulnerability. This can allow the attacker to execute code remotely on the server side, which can lead to complete system compromise.

EPSS 90.22% · 99.6th percentile

Risk Scores

CVSS 4.0
9.3
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
EPSS Score
90.22%
99.6th percentile

Exploit Intelligence

…and 34 more exploits

Timeline

  • Mar 24, 2025 CVE Published
  • Mar 24, 2025 PoC Published
  • Mar 24, 2025 PoC Published
  • Mar 24, 2025 PoC Published
  • Mar 24, 2025 PoC Published
  • Mar 25, 2025 EPSS Score
  • Mar 26, 2025 PoC Published
  • Mar 27, 2025 PoC Published
  • Mar 27, 2025 PoC Published
  • Apr 1, 2025 PoC Published
  • Apr 3, 2025 PoC Published
  • Apr 20, 2025 EPSS Score