CVE-2025-45242 is a high-severity vulnerability identified in Rhymix version 2.1.22, involving an arbitrary file deletion flaw. The vulnerability exists in the procFileAdminEditImage method within the /file/file.admin.controller.php file. This flaw allows an unauthenticated attacker to delete arbitrary files on the affected system remotely over the network without requiring user interaction. The CVSS 3.1 base score of 7.7 reflects the significant impact on confidentiality and integrity, with a lower impact on availability. The vulnerability is classified under CWE-922 (Improper Restriction of Operations within the Bounds of a Memory Buffer), indicating that the application fails to properly restrict file operations, enabling attackers to delete files beyond intended scope. Although no known exploits are currently reported in the wild, the lack of authentication and user interaction requirements makes this vulnerability a critical risk if weaponized. The absence of vendor or product details beyond Rhymix v2.1.22 limits precise attribution but suggests the issue is specific to this content management system or web application framework. The vulnerability could be exploited by crafting malicious requests targeting the vulnerable method, potentially leading to deletion of critical files, loss of data integrity, and disruption of service.

For European organizations using Rhymix v2.1.22, this vulnerability poses a significant threat to data integrity and confidentiality. Arbitrary file deletion can lead to loss of critical application files, configuration data, or user content, potentially causing service outages or data breaches. Organizations relying on Rhymix for web content management or other business-critical functions may face operational disruptions, reputational damage, and compliance risks, especially under GDPR regulations that mandate data protection and breach notification. The remote, unauthenticated nature of the vulnerability increases the attack surface, allowing threat actors to exploit it without insider access or user interaction. This could facilitate targeted attacks against European entities, including SMEs and public sector organizations that utilize Rhymix. The lack of known exploits currently provides a window for proactive mitigation, but the high CVSS score indicates that exploitation could have severe consequences if weaponized.

Given the absence of official patches, European organizations should immediately implement compensating controls. These include restricting network access to the affected Rhymix administrative endpoints via firewalls or web application firewalls (WAFs) to limit exposure. Monitoring and logging all requests to /file/file.admin.controller.php can help detect suspicious activity. Organizations should audit file system permissions to ensure the web server process has minimal privileges, preventing deletion of critical files outside designated directories. Applying strict input validation and URL filtering rules at the application or proxy level can reduce exploitation risk. If possible, upgrading to a newer, patched version of Rhymix once available is essential. Regular backups of critical files and configurations should be maintained to enable recovery from potential file deletion attacks. Additionally, organizations should conduct vulnerability scans and penetration tests focused on this issue to identify and remediate exposures proactively.