CVE-2025-65783
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk37th percentile - higher than 37% of all known CVEs
Summary
An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code by uploading a crafted PDF file.
Risk Assessment
Risk of server compromise through arbitrary code execution, potentially leading to data theft, system modification, or further attacks on the infrastructure.
Recommendation
Immediately update the system to the latest version and implement file type validation and upload restrictions at the application level.
Original NVD description (English source)
An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF file.

