CVE-2025-52812 is a high-severity vulnerability classified under CWE-98, which involves improper control of filenames used in include or require statements within PHP programs. Specifically, this vulnerability affects the ApusWP Domnoo product, versions up to 1.49. The flaw allows an attacker to perform PHP Local File Inclusion (LFI), which can lead to the inclusion and execution of arbitrary files on the server. Although the description mentions 'PHP Remote File Inclusion,' the actual impact is local file inclusion, meaning the attacker can exploit the vulnerability to include files already present on the server. This can lead to the disclosure of sensitive information, code execution, and potentially full system compromise. The vulnerability has a CVSS 3.1 base score of 8.1, indicating a high severity level. The vector string (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) shows that the attack can be performed remotely over the network without requiring privileges or user interaction, but it requires high attack complexity. The impact affects confidentiality, integrity, and availability, as an attacker can read sensitive files, modify application behavior, and potentially disrupt services. No known exploits are currently reported in the wild, and no patches have been linked yet, which suggests that organizations using this software should be vigilant and prepare to apply fixes once available.

For European organizations using ApusWP Domnoo, this vulnerability poses a significant risk. The ability to include local files remotely can lead to exposure of sensitive data such as configuration files, credentials, or internal logs. This can facilitate further attacks like privilege escalation or lateral movement within the network. Given the high confidentiality, integrity, and availability impact, critical services relying on Domnoo could be disrupted or compromised. Sectors such as finance, healthcare, government, and critical infrastructure in Europe are particularly at risk due to the sensitive nature of their data and regulatory requirements like GDPR. Exploitation could lead to data breaches, service outages, and compliance violations, resulting in financial penalties and reputational damage.

1. Immediate mitigation should include restricting access to vulnerable endpoints by implementing web application firewalls (WAFs) with rules to detect and block suspicious include/require parameter manipulations. 2. Employ strict input validation and sanitization on all user-supplied inputs that influence file inclusion logic to prevent unauthorized file paths. 3. Disable PHP functions that facilitate file inclusion if not required, such as 'include', 'require', 'include_once', and 'require_once', or use allowlists for included files. 4. Isolate the application environment using containerization or sandboxing to limit the impact of a successful exploit. 5. Monitor logs for unusual file access patterns or errors indicative of attempted exploitation. 6. Stay alert for official patches or updates from ApusWP and apply them promptly once released. 7. Conduct code reviews and security testing focusing on file inclusion mechanisms to identify and remediate similar issues proactively.