CVE-2025-23209 - Craft CMS Code Injection Vulnerability

Vulnerability Name

Craft CMS Code Injection Vulnerability

Description

Craft CMS contains a code injection vulnerability caused by improper validation of the database backup path, ultimately enabling remote code execution.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x

https://nvd.nist.gov/vuln/detail/CVE-2025-23209

Related News Articles

Craft CMS RCE exploit chain used in zero-day attacks to steal dataApril 26, 2025

CISA Flags Craft CMS Vulnerability CVE-2025-23209 Amid Active AttacksFebruary 21, 2025

CISA flags Craft CMS code injection flaw as exploited in attacksFebruary 21, 2025