Explorance Blue Authenticated Unrestricted File Upload Vulnerability Allowing Remote Code Execution
Vulnerability
A vulnerability exists in the administrative interface of Explorance Blue, in versions prior to 8.14.9, allowing authenticated users to upload files without proper restrictions. The application fails to adequately limit the types of files that can be uploaded, enabling the introduction of malicious files that could be executed by the server. Under default configurations, this vulnerability could lead to remote code execution.
Impact
Exploitation of this vulnerability allows authenticated users with administrative privileges to upload malicious files that are executed on the server, resulting in remote code execution.
Remediation
Users should upgrade to Explorance Blue version 8.14.9 or later. For self-hosted customers, instructions for upgrading are available in the Explorance Blue Security Advisory for CVE-2025-57794.
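The missing control described above is a server-side allowlist on uploaded files. The sketch below is an added example, not Explorance's code or its fix; the allowed types, the size limit and the names `validate_upload` and `UploadRejected` are assumptions chosen for illustration.

```python
import os
import re
import uuid

# Assumed policy: the only types this upload feature needs, with magic bytes.
ALLOWED = {
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".jpg": (b"\xff\xd8\xff",),
    ".pdf": (b"%PDF-",),
}
MAX_BYTES = 5 * 1024 * 1024  # assumed size limit


class UploadRejected(ValueError):
    """Raised when an upload fails the allowlist policy."""


def validate_upload(client_name: str, data: bytes) -> str:
    """Return a server-generated storage name, or raise UploadRejected."""
    # Keep only the last path component; clients may send a full path.
    base = re.split(r"[\\/]", client_name)[-1]
    # Control characters (NUL included) and ':' (NTFS alternate data streams)
    # can make the filesystem see a different name than the one checked here.
    if ":" in base or any(ord(c) < 32 for c in base):
        raise UploadRejected("illegal character in file name")
    # Windows drops trailing dots and spaces, so normalise before checking.
    base = base.rstrip(". ")
    ext = os.path.splitext(base.lower())[1]
    if ext not in ALLOWED:
        raise UploadRejected(f"extension {ext or '(none)'} not allowed")
    if len(data) > MAX_BYTES:
        raise UploadRejected("file too large")
    # The content must match the claimed type, not just the name.
    if not data.startswith(ALLOWED[ext]):
        raise UploadRejected("content does not match extension")
    # Never reuse the client's name: store under a random name that carries
    # only the vetted extension, in a directory the server does not execute.
    return uuid.uuid4().hex + ext
```

A check like this complements the upgrade and does not replace it; the storage location should also have script execution disabled at the web-server level.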
