Actively Exploited in the Wild

This vulnerability is being actively exploited in the wild.

Primary

Context

XAMPP WebDAV PHP Upload Vulnerability Allowing Remote Code Execution

Vulnerability

Exploited

A remote code execution vulnerability exists in XAMPP version 1.7.3, specifically within its default WebDAV configuration. This vulnerability allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible at '/webdav/', accepts HTTP PUT requests using default credentials. Attackers can exploit this by uploading a malicious PHP payload and executing it through a subsequent GET request.

Impact

Exploitation of this vulnerability allows for remote code execution on the server.

Reproduction

To reproduce this vulnerability, upload a PHP payload to the WebDAV service using HTTP PUT requests. This can be done with default WebDAV credentials. After uploading, execute the payload by sending a GET request to the same location where the file was uploaded.

Added: Aug 30, 2025, 2:19 PM

Updated: Aug 30, 2025, 2:19 PM

Vulnerability Rating

Custom Algorithm

spread

8.6

impact

10.0

exploitability

6.9

remediation

0.0

relevance

0.4

threat

9.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.6

impact

10.0

exploitability

6.9

remediation

0.0

relevance

0.4

threat

9.2

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Actively Exploited in the Wild

XAMPP WebDAV PHP Upload Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Reproduction

Affected Products

Apache Friends XAMPP

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating