CVE-2025-24019

HIGH EPSS 42.8%
Published Jan 21, 20251y ago · Modified Jun 17, 20261w ago
7.1 CVSS 3.1
High
Find Similar
Published Jan 21, 2025 1y ago
Last Modified Jun 17, 2026 1w ago

Description

YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for any authenticated user, through the use of the filemanager to delete any file owned by the user running the FastCGI Process Manager (FPM) on the host without any limitation on the filesystem's scope. This vulnerability allows any authenticated user to arbitrarily remove content from the Wiki resulting in partial loss of data and defacement/deterioration of the website. In the context of a container installation of YesWiki without any modification, the `yeswiki` files (for example .php) are not owned by the same user (root) as the one running the FPM process (www-data). However in a standard installation, www-data may also be the owner of the PHP files, allowing a malicious user to completely cut the access to the wiki by deleting all important PHP files (like index.php or core files of YesWiki). Version 4.5.0 contains a patch for this issue.

CVSS Details

Base Score
7.1
Exploitability
2.8
Impact
4.2
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity Low
Availability High

Threat Intelligence

EPSS Exploit Probability
42.8% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-22 Path Traversal Resource Mgmt

Affected Products 1

VendorProductVersionRange
yeswikiyeswiki* <4.5.0

References 2

  • github.com https://github.com/YesWiki/yeswiki/commit/3ddd833d22703caf9025659eb174f7765df7147c
    Patch
  • github.com https://github.com/YesWiki/yeswiki/security/advisories/GHSA-43c9-gw4x-pcx6
    ExploitThird Party Advisory

Remediation

  • github.com https://github.com/YesWiki/yeswiki/commit/3ddd833d22703caf9025659eb174f7765df7147c
    Patch