WSO2 Products Arbitrary File Upload Vulnerability in SOAP Admin Services Allowing Remote Code Execution
Vulnerability
A vulnerability allowing arbitrary file upload has been identified in multiple WSO2 products. This issue arises from inadequate validation of uploaded files and their destinations in SOAP admin services. A malicious actor with administrative privileges can exploit this vulnerability by uploading a specially crafted file to a user-controlled location within the deployment. Depending on how the uploaded file is handled, this could lead to remote code execution on the server. By default, only users with administrative access to the affected SOAP services can exploit this vulnerability.
Impact
Exploitation of this vulnerability could result in remote code execution on the server, depending on how the uploaded file is processed.
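The description above attributes the issue to inadequate validation of uploaded files and their destinations. The following is an added example, not WSO2 code and not part of the original advisory, showing the general form of such a check on the server side: canonicalize the destination, confirm it stays under a fixed upload directory, and allow only expected file types. The class name, method name, extension allowlist and sample file names are assumptions made for illustration.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.Locale;
import java.util.Set;

public class UploadDestinationCheck {
    // Assumed allowlist for illustration; use the artifact types the service really accepts.
    private static final Set<String> ALLOWED_EXT = Set.of(".xml", ".json");

    /** Resolves a client-supplied name under baseDir and rejects anything that escapes it. */
    static Path resolveUpload(Path baseDir, String clientName) throws IOException {
        if (clientName == null || clientName.isEmpty() || clientName.indexOf('\0') >= 0) {
            throw new SecurityException("empty or malformed file name");
        }
        Path base = baseDir.toRealPath();                     // canonical base, symlinks resolved
        Path target = base.resolve(clientName).normalize();   // collapses "." and ".." segments
        // An absolute clientName replaces base entirely in resolve(), so it fails here too.
        if (target.equals(base) || !target.startsWith(base)) {
            throw new SecurityException("destination is outside the upload directory");
        }
        // If the parent already exists, make sure it is not a symlink leading elsewhere.
        Path parent = target.getParent();
        if (Files.exists(parent) && !parent.toRealPath().startsWith(base)) {
            throw new SecurityException("parent directory resolves outside the upload directory");
        }
        String name = target.getFileName().toString().toLowerCase(Locale.ROOT);
        if (ALLOWED_EXT.stream().noneMatch(name::endsWith)) {
            throw new SecurityException("file type not allowed");
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        Path base = Files.createTempDirectory("uploads");     // constructed sample directory
        // Constructed sample names: two acceptable, three that must be rejected.
        String[] samples = {"policy.xml", "conf/app.json", "../outside.xml",
                            "/tmp/elsewhere.xml", "artifact.bin"};
        for (String s : samples) {
            try {
                System.out.println("ACCEPT " + s + " -> " + resolveUpload(base, s));
            } catch (SecurityException e) {
                System.out.println("REJECT " + s + ": " + e.getMessage());
            }
        }
    }
}
```

The check runs before any bytes are written, so a rejected request leaves nothing on disk.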
