Vulnerability Description
An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder component's default connector (connector.minimal.php), which allows remote attackers to upload and execute malicious PHP scripts in the context of the web server. The vulnerable component does not enforce file type validation, allowing attackers to craft a POST request to upload executable PHP payloads through the ELFinder interface exposed at /vendor_extra/elfinder/.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tiki | Tikiwiki Cms\/Groupware | <= 15.1 |
Related Weaknesses (CWE)
References
- https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/expExploitThird Party Advisory
- https://tiki.org/article434-Security-update-Tiki-15-2-Tiki-14-4-and-Tiki-12-9-reRelease Notes
- https://www.exploit-db.com/exploits/40091ExploitThird Party AdvisoryVDB Entry
- https://www.vulncheck.com/advisories/tiki-wiki-el-finder-unauthenticated-file-upThird Party Advisory
FAQ
What is CVE-2025-34111?
CVE-2025-34111 is a vulnerability with a CVSS score of 9.8 (CRITICAL). An unauthenticated arbitrary file upload vulnerability exists in Tiki Wiki CMS Groupware version 15.1 and earlier via the ELFinder component's default connector (connector.minimal.php), which allows r...
How severe is CVE-2025-34111?
CVE-2025-34111 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-34111?
Check the references section above for vendor advisories and patch information. Affected products include: Tiki Tikiwiki Cms\/Groupware.