Vulnerability Description
An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code execution.This issue affects Kentico Xperience through 13.0.178.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kentico | Xperience | <= 13.0.178 |
Related Weaknesses (CWE)
References
- https://devnet.kentico.com/download/hotfixesPatch
- https://labs.watchtowr.com/bypassing-authentication-like-its-the-90s-pre-auth-rcExploitThird Party Advisory
- https://www.vulncheck.com/advisories/kentico-xperience-staging-media-file-uploadThird Party Advisory
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-US Government Resource
FAQ
What is CVE-2025-2749?
CVE-2025-2749 is a vulnerability with a CVSS score of 7.2 (HIGH). An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbit...
How severe is CVE-2025-2749?
CVE-2025-2749 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-2749?
Check the references section above for vendor advisories and patch information. Affected products include: Kentico Xperience.