CVE-2025-7877 is a vulnerability identified in Metasoft 美特软件's MetaCRM product, specifically affecting versions 6.4.0 through 6.4.2. The vulnerability arises from improper handling of file uploads via the sendfile.jsp component, where manipulation of the 'File' argument allows an attacker to perform unrestricted file uploads. This flaw enables remote attackers to upload arbitrary files to the server without authentication or user interaction, potentially leading to unauthorized code execution or system compromise. The vulnerability has been publicly disclosed, but no patches or vendor responses have been issued as of the publication date. The CVSS 4.0 base score is 5.3, indicating a medium severity level, with the vector highlighting network attack vector, low attack complexity, no privileges required, no user interaction, and low impact on confidentiality, integrity, and availability. Although no known exploits are currently observed in the wild, the public disclosure increases the risk of exploitation attempts.

For European organizations using MetaCRM versions 6.4.0 to 6.4.2, this vulnerability poses a significant risk. Unrestricted file upload can allow attackers to deploy web shells or malicious scripts, leading to unauthorized access, data theft, or lateral movement within corporate networks. Given that CRM systems often contain sensitive customer data and integrate with other business-critical applications, exploitation could result in confidentiality breaches, data integrity violations, and operational disruptions. The medium CVSS score reflects limited impact on core system functions but does not diminish the potential for targeted attacks that could escalate privileges or disrupt services. Organizations in Europe relying on MetaCRM for customer relationship management should be particularly cautious, as regulatory frameworks like GDPR impose strict data protection requirements, and breaches could lead to substantial fines and reputational damage.

Since no official patches or vendor responses are available, European organizations should implement immediate compensating controls. These include restricting access to the sendfile.jsp endpoint via network segmentation and web application firewalls (WAFs) configured to detect and block suspicious file upload patterns. Implement strict input validation and file type restrictions at the application or proxy level to prevent unauthorized file types from being uploaded. Monitor server logs and file system changes for unusual activity indicative of exploitation attempts. Employ intrusion detection systems (IDS) with signatures tailored to detect known attack vectors targeting unrestricted upload vulnerabilities. Additionally, consider isolating the MetaCRM application environment to limit potential lateral movement if compromise occurs. Organizations should also prepare incident response plans specific to web application compromise and maintain regular backups of critical data to facilitate recovery.