{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-65734", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-03-16T17:24:36.260Z", "dateReserved": "2025-11-18T00:00:00.000Z", "datePublished": "2026-03-16T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-16T16:28:44.508Z"}, "descriptions": [{"lang": "en", "value": "An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://huntr.com/users/apostolides"}, {"url": "https://github.com/apostolides"}, {"url": "https://www.linkedin.com/in/thanos-apostolidis-3255591b1/"}, {"url": "https://huntr.com/bounties/540f743c-fa3e-4be6-9f85-439fff2fc5fe"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-79", "lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-16T17:24:16.445174Z", "id": "CVE-2025-65734", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T17:24:36.260Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-65734", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T17:24:16.445174Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T17:24:32.978Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://huntr.com/users/apostolides"}, {"url": "https://github.com/apostolides"}, {"url": "https://www.linkedin.com/in/thanos-apostolidis-3255591b1/"}, {"url": "https://huntr.com/bounties/540f743c-fa3e-4be6-9f85-439fff2fc5fe"}], "descriptions": [{"lang": "en", "value": "An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-16T16:28:44.508Z"}}}, "cveMetadata": {"cveId": "CVE-2025-65734", "state": "PUBLISHED", "dateUpdated": "2026-03-16T17:24:36.260Z", "dateReserved": "2025-11-18T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-16T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openeclass:openeclass:*:*:*:*:*:*:*:*", "matchCriteriaId": "08E7B986-4415-4530-A12F-B14BC96AC59F", "versionEndExcluding": "3.13", "versionStartIncluding": "3.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An authenticated arbitrary file upload vulnerability in the Courses/Work Assignments module of gunet Open eClass v3.11, and fixed in v3.13, allows attackers to execute arbitrary code via uploading a crafted SVG file."}, {"lang": "es", "value": "Una vulnerabilidad de carga arbitraria de archivos autenticada en el m\u00f3dulo de Cursos/Asignaciones de Trabajo de gunet Open eClass v3.11, y corregida en la v3.13, permite a los atacantes ejecutar c\u00f3digo arbitrario mediante la carga de un archivo SVG manipulado."}], "id": "CVE-2025-65734", "lastModified": "2026-04-17T21:01:15.040", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-16T17:16:28.137", "references": [{"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://github.com/apostolides"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory"], "url": "https://huntr.com/bounties/540f743c-fa3e-4be6-9f85-439fff2fc5fe"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://huntr.com/users/apostolides"}, {"source": "cve@mitre.org", "tags": ["Not Applicable"], "url": "https://www.linkedin.com/in/thanos-apostolidis-3255591b1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[3.11,3.13)"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "open_eclass", "vendor": "gunet"}], "analysis": {"en": {"generated_at": "2026-03-17T11:28:20.583375+00:00", "value": {"mitigation_remediation": ["Upgrade gunet Open eClass to version 3.13 or later to eliminate the defect.", "If an upgrade is not immediately possible, temporarily disable the Courses/Work Assignments module so that no file uploads can occur.", "If the module must remain active, restrict file uploads to non\u2011executable types and configure the server to forbid executing SVG files.", "Continuously monitor upload logs for suspicious activity and apply any additional server\u2011level restrictions you can deploy.", "Check the vendor\u2019s website or security advisories for any additional patches or mitigations."], "summary": {"action": "Immediate Patch", "impact": "Remote Code Execution"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the gunet Open eClass product, specifically version 3.11. The fix was introduced in version 3.13. No other vendors or products are listed as affected.\n", "description_and_impact": "An authenticated arbitrary file upload vulnerability exists in the Courses/Work Assignments module of gunet Open eClass version 3.11. The flaw allows an attacker with valid login credentials to upload a specially crafted SVG file; when processed, the SVG can trigger arbitrary code execution on the server. This attack vector results in the loss of confidentiality, integrity, and potentially availability, as the attacker can execute malicious commands on the application\u2019s host. The weakness is classified as CWE\u201179, indicating improper validation of user\u2011supplied input.", "risk_and_exploitability": "The CVSS score of 5.4 places the vulnerability in the moderate severity range. EPSS data is not available, and the flaw is not listed in the CISA KEV catalog. Because the exploit requires authenticated access and the upload of a malicious SVG, it is feasible for an attacker possessing legitimate credentials to carry it out. Given the potential for remote code execution, the risk is significant for organizations running vulnerable versions."}}}}, "created": "2026-03-17T09:55:31.354668+00:00", "title": "Authenticated Arbitrary File Upload in gunet Open eClass v3.11 Enables Remote Code Execution via SVG", "updated": "2026-03-23T14:00:56.364246+00:00", "vendors": ["gunet", "gunet$PRODUCT$open_eclass"]}