Critical severityNVD Advisory· Published Apr 16, 2025· Updated Apr 15, 2026

CVE-2025-1980

Description

The Ready_ application's Profile section allows users to upload files of any type and extension without restriction. If the server is misconfigured, as it was by default when installed at the turn of 2021 and 2022, it can result in Remote Code Execution. Refer to the Required Configuration for Exposure section for more information.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert.pl/en/posts/2025/04/CVE-2025-1980nvd
cert.pl/posts/2025/04/CVE-2025-1980nvd
ready-os.com/pl/nvd

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000