CVE-2025-15589: Path Traversal in MuYuCMS
CVE-2025-15589 is a medium severity path traversal vulnerability in MuYuCMS version 2.7, specifically in the delete_dir_file function of the Template Management Page component. The vulnerability allows remote attackers to manipulate the temn/tp argument to traverse directories and potentially delete arbitrary files. Exploitation does not require user interaction but does require high privileges, and the vendor has not responded to the disclosure. Although no public exploits are currently known in the wild, the vulnerability has been publicly disclosed, increasing the risk of exploitation. The CVSS 4.0 base score is 5.1, reflecting limited impact on confidentiality and integrity but some impact on availability. Organizations using MuYuCMS 2.7 should prioritize patching or mitigating this issue to prevent unauthorized file deletions and potential service disruptions.
AI Analysis
Technical Summary
CVE-2025-15589 identifies a path traversal vulnerability in MuYuCMS version 2.7, located in the delete_dir_file function within the Template Management Page component (application/admin/controller/Template.php). The vulnerability arises from improper validation or sanitization of the temn/tp argument, which attackers can manipulate to traverse directories outside the intended scope. This flaw enables remote attackers to delete arbitrary files or directories on the server by crafting malicious requests targeting this function. The vulnerability requires high privileges (PR:H) but has no additional attack requirements (AT:N) and needs no user interaction (UI:N), indicating that an attacker with elevated access could exploit it remotely without user involvement. The CVSS 4.0 vector indicates no impact on confidentiality or integrity but low impact on availability, suggesting that the primary risk is disruption through deletion of files. The vendor was notified early but did not respond, and no patches have been released yet. Although no known exploits are currently in the wild, the public disclosure increases the likelihood of exploitation attempts. The vulnerability affects only MuYuCMS version 2.7, a content management system used primarily in certain markets. The lack of vendor response and absence of patches necessitate immediate mitigation efforts by users.
Potential Impact
The primary impact of this vulnerability is the potential deletion of arbitrary files or directories on affected servers, which can lead to partial or full service disruption. This could cause website downtime, loss of critical template files, or corruption of the CMS installation, impacting availability. Since the vulnerability does not affect confidentiality or integrity directly, data theft or unauthorized data modification is less likely. However, the deletion of files could indirectly lead to integrity issues if backups are not available or if critical system files are removed. Organizations relying on MuYuCMS 2.7 for their web presence or internal portals could face operational disruptions, reputational damage, and increased recovery costs. The requirement for high privileges to exploit the vulnerability limits the attack surface but does not eliminate risk, especially in environments where administrative access is not tightly controlled. The public disclosure without a vendor patch increases the urgency for mitigation to prevent exploitation by opportunistic attackers.
Mitigation Recommendations
1. Immediately restrict access to the Template Management Page and the delete_dir_file function to trusted administrators only, using network segmentation and access control lists.
2. Implement strict input validation and sanitization on the temn/tp parameter at the application or web server level to block path traversal characters such as '../'.
3. Employ web application firewalls (WAFs) with custom rules to detect and block suspicious path traversal attempts targeting the vulnerable endpoint.
4. Regularly back up all CMS files and templates to enable rapid recovery in case of file deletion.
5. Monitor server and application logs for unusual deletion requests or errors related to template files.
6. If possible, disable or remove the delete_dir_file functionality temporarily until a vendor patch is available.
7. Limit administrative privileges strictly to reduce the risk of exploitation by insiders or compromised accounts.
8. Stay alert for vendor updates or community patches and apply them promptly once available.
9. Conduct security audits and penetration tests focusing on path traversal and file deletion vulnerabilities within the CMS environment.
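For recommendation 2, the following added example (not MuYuCMS code and not from the vendor) shows why stripping '../' alone is not a sufficient filter and what a canonicalise-then-contain check looks like in PHP. The helper name `resolve_inside()` and the directory layout are hypothetical, constructed for the demonstration.

```php
<?php
// Added example, not MuYuCMS code. resolve_inside() is a hypothetical helper;
// the directory layout below is constructed for the demonstration.

/**
 * Resolve $userPath relative to $root and return the canonical path only if
 * it is strictly inside $root. Returns null for anything else.
 */
function resolve_inside(string $root, string $userPath): ?string
{
    $rootReal = realpath($root);
    if ($rootReal === false || strpos($userPath, "\0") !== false) {
        return null;
    }
    // realpath() collapses "..", "." and symlinks; false if the target is missing.
    $target = realpath($rootReal . DIRECTORY_SEPARATOR . $userPath);
    if ($target === false) {
        return null;
    }
    // Compare with a trailing separator so "/tpl_backup" does not match "/tpl",
    // and so the root itself is never an acceptable deletion target.
    $prefix = rtrim($rootReal, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($target, $prefix, strlen($prefix)) === 0 ? $target : null;
}

// Constructed layout: <tmp>/demo_x/tpl is the template root, config.php sits beside it.
$base = sys_get_temp_dir() . '/demo_' . bin2hex(random_bytes(4));
mkdir("$base/tpl/blog", 0700, true);
mkdir("$base/tpl_backup", 0700);
touch("$base/tpl/blog/index.html");
touch("$base/config.php");
touch("$base/tpl_backup/old.html");

$cases = [
    'blog/index.html',           // legitimate template file
    '../config.php',             // plain traversal
    'blog/../../config.php',     // traversal hidden behind a valid prefix
    '....//config.php',          // becomes "../config.php" after one str_replace
    '../tpl_backup/old.html',    // sibling directory sharing the root's name prefix
    '.',                         // the template root itself
];
foreach ($cases as $input) {
    $naive = str_replace('../', '', $input);          // blacklist-style filter
    $ok    = resolve_inside("$base/tpl", $input);     // canonicalise, then contain
    printf("%-26s naive=>%-22s contained=%s\n", $input, $naive, $ok ? 'allow' : 'deny');
}
```

Only the first case is allowed by the containment check; a delete routine should act on the canonical path the helper returns, never on the raw request value.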
Affected Countries
China, Vietnam, Indonesia, Malaysia, Thailand, India, United States, Germany, Russia, Brazil
Technical Details
- Data Version: 5.2
- Assigner Short Name: VulDB
- Date Reserved: 2026-02-23T10:37:19.880Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 699d4271be58cf853b689cc7
Added to database: 2/24/2026, 6:17:21 AM
Last enriched: 2/24/2026, 6:31:32 AM
Last updated: 2/24/2026, 7:26:18 AM