CVE Catalog

CVE-2025-65783

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.46%

37th percentile - higher than 37% of all known CVEs

Summary

An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code by uploading a crafted PDF file.

Risk Assessment

Risk of server compromise through arbitrary code execution, potentially leading to data theft, system modification, or further attacks on the infrastructure.

Recommendation

Immediately update the system to the latest version and implement file type validation and upload restrictions at the application level.

Original NVD description (English source)

An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF file.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS