[KIS-2025-07] Bitrix24 <= 25.100.300 (Translate Module) Remote Code Execution Vulnerability
嗯,用户发来了一段英文邮件,看起来是一个安全漏洞的公告。他让我用中文帮他总结一下内容,控制在一百个字以内,而且不需要用“文章内容总结”之类的开头,直接写描述。 首先,我需要快速浏览邮件内容。邮件标题是“Full Disclosure”,里面提到了Bitrix24软件的漏洞。受影响的版本是25.100.300及之前版本。漏洞位于“Translate Module”,允许上传和提取档案文件到临时目录,但没有正确验证内容,导致远程代码执行。 攻击者需要有特定权限的账户才能利用这个漏洞。已经有一个PoC链接和CVE编号CVE-2025-67886。厂商尚未提供解决方案。 接下来,我需要将这些信息浓缩到100字以内。重点包括:软件名称、漏洞模块、影响版本、漏洞类型(远程代码执行)、攻击条件、CVE编号以及厂商未修复的情况。 要注意语言简洁明了,避免使用复杂的术语,让读者一目了然。 </think> Bitrix24 <= 25.100.300 的“Translate Module”存在远程代码执行漏洞,允许恶意用户上传并执行任意PHP代码。该漏洞影响版本25.100.300及以下,需特定权限账户利用。目前无官方修复方案。 2025-12-16 05:19:57 Author: seclists.org(查看原文) 阅读量:8 收藏
嗯,用户发来了一段英文邮件,看起来是一个安全漏洞的公告。他让我用中文帮他总结一下内容,控制在一百个字以内,而且不需要用“文章内容总结”之类的开头,直接写描述。 首先,我需要快速浏览邮件内容。邮件标题是“Full Disclosure”,里面提到了Bitrix24软件的漏洞。受影响的版本是25.100.300及之前版本。漏洞位于“Translate Module”,允许上传和提取档案文件到临时目录,但没有正确验证内容,导致远程代码执行。 攻击者需要有特定权限的账户才能利用这个漏洞。已经有一个PoC链接和CVE编号CVE-2025-67886。厂商尚未提供解决方案。 接下来,我需要将这些信息浓缩到100字以内。重点包括:软件名称、漏洞模块、影响版本、漏洞类型(远程代码执行)、攻击条件、CVE编号以及厂商未修复的情况。 要注意语言简洁明了,避免使用复杂的术语,让读者一目了然。 </think> Bitrix24 <= 25.100.300 的“Translate Module”存在远程代码执行漏洞,允许恶意用户上传并执行任意PHP代码。该漏洞影响版本25.100.300及以下,需特定权限账户利用。目前无官方修复方案。 2025-12-16 05:19:57 Author: seclists.org(查看原文) 阅读量:8 收藏
Full Disclosure mailing list archives
From: Egidio Romano <n0b0d13s () gmail com>
Date: Mon, 15 Dec 2025 16:54:24 +0100
----------------------------------------------------------------------------- Bitrix24 <= 25.100.300 (Translate Module) Remote Code Execution Vulnerability ----------------------------------------------------------------------------- [-] Software Link: https://www.bitrix24.com [-] Affected Versions: Version 25.100.300 and prior versions. [-] Vulnerability Description: The vulnerability is located within the "Translate Module", which allows users to upload and extract archive files into a temporary directory. However, the application fails to properly verify the contents of these archives before extracting them. This can be exploited by malicious users to upload and execute arbitrary PHP code by including a PHP file along with a specially crafted .htaccess file within the archive. Successful exploitation of this vulnerability requires an account with "SOURCE" and "WRITE" permissions for the "Translate Module". [-] Proof of Concept: https://karmainsecurity.com/pocs/CVE-2025-67886.php [-] Solution: No official solution is currently available. [-] Disclosure Timeline: [22/10/2025] - Vendor notified, no response [03/11/2025] - Vendor contacted again, no response [12/11/2025] - CVE identifier requested [12/12/2025] - CVE identifier assigned [15/12/2025] - Public disclosure [-] CVE Reference: The Common Vulnerabilities and Exposures program (cve.org) has assigned the name CVE-2025-67886 to this vulnerability. [-] Credits: Vulnerability discovered by Egidio Romano. [-] Original Advisory: http://karmainsecurity.com/KIS-2025-07 _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
Current thread:
- [KIS-2025-07] Bitrix24 <= 25.100.300 (Translate Module) Remote Code Execution Vulnerability Egidio Romano (Dec 15)
文章来源: https://seclists.org/fulldisclosure/2025/Dec/21
如有侵权请联系:admin#unsafe.sh
如有侵权请联系:admin#unsafe.sh