CVE-2025-45855
Description
An arbitrary file upload vulnerability in the component /upload/GoodsCategory/image of erupt v1.12.19 allows attackers to execute arbitrary code via uploading a crafted file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Arbitrary file upload in erupt v1.12.19 `/upload/GoodsCategory/image` endpoint allows unauthenticated remote code execution via crafted file.
Root Cause
The Erupt framework, an annotation-driven Java admin platform [1], contains an arbitrary file upload vulnerability in the /upload/GoodsCategory/image component as of version 1.12.19. The endpoint does not properly validate or restrict the type of files that can be uploaded, allowing an attacker to upload executable content such as a web shell or JSP file [2].
Exploitation
An attacker can exploit this vulnerability by sending a crafted file to the vulnerable upload endpoint. No authentication is required, and the attack can be performed remotely over the network. The lack of file type checks or path restrictions means the uploaded file can be placed in a web-accessible directory and subsequently interpreted by the server [2].
Impact
Successful exploitation leads to arbitrary code execution on the server with the privileges of the application. This can result in full compromise of the affected system, including data exfiltration, service disruption, or lateral movement within the network. The CVSS v3.1 base score is 9.8 (Critical), reflecting the high impact on confidentiality, integrity, and availability [2].
Mitigation
As of the publication date (2025-06-03), a fix has not been released. Users of erupt v1.12.19 are advised to apply input validation, restrict uploadable file types, and deploy a web application firewall (WAF) to block malicious payloads. The vendor's official project and documentation site [1][3] should be monitored for a patched version.
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
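The mitigation above (validate input, restrict uploadable file types) in concrete form: an added, hypothetical upload handler written for this page, not erupt's own code, showing the checks an image endpoint such as the one described should enforce. It assumes Java 14 or later and that `storageRoot` is a directory outside the servlet web root that the container never treats as executable.

```java
import java.io.IOException;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Arrays;
import java.util.Locale;
import java.util.Set;
import java.util.UUID;
// Hypothetical hardened handler for an image-upload endpoint; not erupt's own code.
public final class SafeImageUpload {
    private static final long MAX_BYTES = 5L * 1024 * 1024; // cap before buffering the body
    // Only these extensions are accepted; anything the server could interpret (jsp, jspx, ...) is excluded.
    private static final Set<String> ALLOWED_EXT = Set.of("png", "jpg", "jpeg", "gif");
    // Leading bytes of the allowed formats; the client-supplied extension alone proves nothing.
    private static final byte[] PNG = {(byte) 0x89, 'P', 'N', 'G'};
    private static final byte[] JPG = {(byte) 0xFF, (byte) 0xD8, (byte) 0xFF};
    private static final byte[] GIF = {'G', 'I', 'F', '8'};
    private final Path storageRoot; // must lie outside the servlet web root
    public SafeImageUpload(Path root) { this.storageRoot = root.toAbsolutePath().normalize(); }
    /** Validates the upload and stores it under a server-generated name; throws on anything suspect. */
    public Path store(String clientFileName, InputStream body) throws IOException {
        int dot = clientFileName.lastIndexOf('.');
        String ext = dot < 0 ? "" : clientFileName.substring(dot + 1).toLowerCase(Locale.ROOT);
        if (!ALLOWED_EXT.contains(ext)) {
            throw new SecurityException("extension not allowed: " + ext);
        }
        byte[] data = body.readNBytes((int) MAX_BYTES + 1);
        if (data.length > MAX_BYTES) {
            throw new SecurityException("upload exceeds size limit");
        }
        if (!matchesMagic(data, ext)) {
            throw new SecurityException("content does not match declared image type");
        }
        // The client name never reaches the filesystem, so traversal and double extensions are moot.
        Path dest = storageRoot.resolve(UUID.randomUUID() + "." + ext);
        return Files.write(dest, data);
    }
    private static boolean matchesMagic(byte[] data, String ext) {
        byte[] magic = switch (ext) {
            case "png" -> PNG;
            case "jpg", "jpeg" -> JPG;
            case "gif" -> GIF;
            default -> new byte[0];
        };
        return magic.length > 0 && data.length >= magic.length
            && Arrays.equals(Arrays.copyOf(data, magic.length), magic);
    }
}
```

Stored files should then be served through a controller that sets the Content-Type from the allowlisted extension and adds `X-Content-Type-Options: nosniff`, never directly from a directory the container can execute.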
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| xyz.erupt:eruptMaven | <= 1.12.19 | — |
Affected products
- erupt/erupt
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- github.com/advisories/GHSA-5gr5-vmmr-82g6
- nvd.nist.gov/vuln/detail/CVE-2025-45855
- gist.github.com/Cafe-Tea/b72d442be434e1dafe7810c938892b06
- www.erupt.xyz
News mentions
No linked articles in our index yet.