CVE-2025-34060

CRITICAL EPSS 48.1%

Published Jul 1, 202512mo ago · Modified Jun 17, 20261w ago

10.0 CVSS 4.0

Critical

Published Jul 1, 2025 12mo ago

Last Modified Jun 17, 2026 1w ago

Description

A PHP objection injection vulnerability exists in the Monero Project’s Laravel-based forum software due to unsafe handling of untrusted input in the /get/image/ endpoint. The application passes a user-supplied link parameter directly to file_get_contents() without validation. MIME type checks using PHP’s finfo can be bypassed via crafted stream filter chains that prepend spoofed headers, allowing access to internal Laravel configuration files. An attacker can extract the APP_KEY from config/app.php, forge encrypted cookies, and trigger unsafe unserialize() calls, leading to reliable remote code execution.

CVSS Details

Base Score

10.0

Exploitability

—

Impact

—

Vector string

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Attack Vector Network

Attack Complexity Low

Privileges Required None

User Interaction None

Scope X

Threat Intelligence

EPSS Exploit Probability

48.1% percentile

Exploit & Patch Status

No Known Exploit

No Patch Available

Weaknesses 3

CWE-20 Improper Input Validation Validation

CWE-502 Deserialization of Untrusted Data Validation

CWE-829

References 2

swap.gs https://swap.gs/posts/monero-forums/
vulncheck.com https://vulncheck.com/advisories/monero-forum-rce

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.