The vulnerability CVE-2025-68001 affects garidium g-FFL Checkout versions up to 2.1.0 and allows an attacker to upload files of dangerous types without restriction. This can be exploited to upload a web shell to the web server, granting the attacker remote code execution capabilities. The CVSS 3.1 base score is 10.0, reflecting a critical risk with network attack vector, no required privileges or user interaction, and complete impact on confidentiality, integrity, and availability. The vulnerability is publicly disclosed but lacks vendor-provided patch or mitigation details.

Successful exploitation allows an unauthenticated attacker to upload arbitrary files, including web shells, to the affected server. This can lead to full compromise of the web server, including remote code execution, data theft, data modification, and denial of service. The critical CVSS score reflects the severity of these impacts. No known exploits in the wild have been reported yet.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, restrict file upload functionality, implement strict file type validation, and apply web application firewall (WAF) rules to detect and block malicious uploads. Monitor for suspicious activity related to file uploads. Avoid exposing the vulnerable version in production environments.