CVE-2025-32957 is a critical vulnerability classified under CWE-434 (Unrestricted Upload of File with Dangerous Type) affecting baserCMS, a popular website development framework. In versions prior to 5.2.3, the restore function allows authenticated users to upload a ZIP archive, which the application automatically extracts. Within this archive, PHP files are included using require_once without any validation or restriction on the filename or file type. This lack of validation enables an attacker to craft a malicious PHP file inside the ZIP archive that, when included, leads to arbitrary code execution on the server. The vulnerability requires the attacker to have authenticated access to the restore function, but no further user interaction is necessary. The vulnerability impacts the confidentiality and integrity of the affected systems by allowing execution of arbitrary PHP code, potentially leading to data theft, privilege escalation, or further compromise. The vulnerability does not directly affect availability. The issue was publicly disclosed and assigned CVE-2025-32957 with a CVSS v3.1 score of 8.7 (high severity), reflecting its ease of exploitation over the network with low complexity but requiring privileges. The vulnerability has been patched in baserCMS version 5.2.3, and users are strongly advised to upgrade to this or later versions to mitigate the risk.

The vulnerability allows attackers with authenticated access to execute arbitrary PHP code on the server hosting baserCMS, which can lead to full compromise of the web application environment. This could result in unauthorized data access or modification, deployment of backdoors or malware, and lateral movement within the network. Confidentiality is severely impacted as attackers can access sensitive data. Integrity is compromised due to the ability to alter application logic or data. Although availability is not directly affected, attackers could leverage the foothold to disrupt services. Organizations relying on baserCMS for website development and content management are at risk, especially if the restore function is exposed to multiple users or weak authentication controls are in place. The vulnerability's exploitation requires authentication, which somewhat limits the attack surface but does not eliminate the risk, particularly in environments with many users or weak credential management. The scope of affected systems includes all baserCMS installations running versions prior to 5.2.3 that enable the restore function. Given baserCMS's use in various countries, the impact is global but concentrated where the product is popular.

1. Immediate upgrade to baserCMS version 5.2.3 or later, where the vulnerability is patched. 2. Restrict access to the restore function to only highly trusted administrators and enforce strong authentication mechanisms, such as multi-factor authentication. 3. Implement strict file upload validation and filtering at the application or web server level to block potentially dangerous file types, especially PHP files within archives. 4. Monitor and audit restore function usage logs for any suspicious activity or unauthorized uploads. 5. Employ web application firewalls (WAFs) with rules to detect and block malicious file uploads or unusual restore operations. 6. Conduct regular security assessments and penetration testing focused on file upload and restore functionalities. 7. Isolate baserCMS instances in segmented network zones to limit lateral movement if compromise occurs. 8. Educate administrators about the risks of uploading untrusted archives and enforce policies to verify archive contents before restoration.