CVE-2025-70995

HIGH

8.8

Descricao

An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile, which is processed by the ASP.NET runtime. The uploaded configuration file alters the execution context of the upload directory, enabling compilation and execution of attacker-controlled code (e.g., generation of an .aspx webshell). This allows remote command execution on the server without user interaction beyond authentication, impacting both On-Premise and SaaS deployments. The vendor has fixed the issue in Aranda Service Desk V8 8.30.6.

Detalhes CVE

Pontuacao CVSS v3.18.8

SeveridadeHIGH

Vetor CVSSCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Vetor de ataqueNETWORK

ComplexidadeLOW

Privilegios necessariosLOW

Interacao do usuarioNONE

Publicado3/5/2026

Ultima modificacao3/17/2026

Fontenvd

Avistamentos honeypot0

Fraquezas (CWE)

CWE-94

Referencias

https://docs.arandasoft.com/asdk-api/pages/V1.9/descripcion/adjuntar_archivos.html(cve@mitre.org)

https://docs.arandasoft.com/asdk-v8-release-notes/assets/asdk-v8-release-notes.pdf(cve@mitre.org)

https://github.com/0xcronos/CVE/blob/main/CVE-2025-70995/README.md(cve@mitre.org)

Correlacoes IOC

Sem correlacoes registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.