CVE Catalog

CVE-2025-61168

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.47%

37th percentile - higher than 37% of all known CVEs

Summary

A vulnerability in the cms_rest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code by unserializing an arbitrary file.

Risk Assessment

An attacker can remotely execute arbitrary code on the server, leading to full system compromise, data theft, or service disruption.

Recommendation

Immediately update SIGB PMB to the latest version and apply a security patch to prevent deserialization of untrusted data.

Original NVD description (English source)

An issue in the cms_rest.php component of SIGB PMB v8.0.1.14 allows attackers to execute arbitrary code via unserializing an arbitrary file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS