Vulnerability Description
Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload vulnerability in the administrative interface. The application does not adequately restrict uploaded file types, allowing malicious files to be uploaded and executed by the server. This condition enables remote code execution under default configurations.
CVSS Score
9.1 (CRITICAL)
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Explorance | Blue | < 8.14.9 |
Related Weaknesses (CWE)
References
- https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2026/MNDT-2026 (Third Party Advisory)
- https://online-help.explorance.com/blue/articles/security-advisories-(january-20 (Vendor Advisory)
- https://online-help.explorance.com/blue/articles/security-advisory:-cve-2025-577 (Vendor Advisory)
- https://www.explorance.com/products/blue (Product)
FAQ
What is CVE-2025-57794?
CVE-2025-57794 is a vulnerability with a CVSS score of 9.1 (CRITICAL). Explorance Blue versions prior to 8.14.9 contain an authenticated unrestricted file upload vulnerability in the administrative interface. The application does not adequately restrict uploaded file typ...
How severe is CVE-2025-57794?
CVE-2025-57794 has been rated CRITICAL with a CVSS base score of 9.1/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2025-57794?
Check the references section above for vendor advisories and patch information. Affected products include: Explorance Blue.