Vulnerability Description
An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution because uploaded files are not properly validated. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile. The attachment lands in a directory that the ASP.NET runtime processes, so the uploaded web.config is honored as configuration for that directory and alters its execution context, enabling compilation and execution of attacker-controlled code (for example, an .aspx webshell uploaded alongside it). The result is remote command execution on the server with no user interaction beyond authentication, affecting both On-Premise and SaaS deployments. The vendor has fixed the issue in Aranda Service Desk V8 8.30.6.
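The root cause above is that the attachment endpoint stores whatever filename the client supplies, so a name the ASP.NET runtime interprets (web.config, *.aspx) ends up in a served directory. The following is an added example of the name policy a practitioner would put in front of such an endpoint, plus the same classifier reused to hunt an existing upload tree for planted files. It is illustrative code written for this page, not Aranda's implementation, and it assumes uploads live under a directory IIS serves (if they did not, a dropped web.config would be inert); the allowlist of attachment extensions is an assumed example.

```python
"""Upload-name hardening and post-hoc hunting for web.config/.aspx drops.

Added illustration, not Aranda's code. Assumptions: the upload root is
served by IIS, and ALLOWED_EXTENSIONS is an example allowlist, not the
product's real one.
"""
import os
import secrets

# Names the ASP.NET/IIS runtime interprets no matter what extension policy says.
RESERVED_BASENAMES = {"web.config", "global.asax", "app.config", "machine.config"}

# Extensions mapped to ASP.NET handlers or compiled by the runtime.
CODE_EXTENSIONS = {
    "aspx", "asax", "ascx", "ashx", "asmx", "asp", "cshtml", "vbhtml",
    "config", "cs", "vb", "soap", "rem", "axd", "svc", "xamlx", "master", "skin",
}

# Example allowlist for ticket attachments (assumed, adjust to real needs).
ALLOWED_EXTENSIONS = {"png", "jpg", "jpeg", "gif", "pdf", "txt", "log", "zip", "csv", "docx", "xlsx"}


def normalize_name(raw: str) -> str:
    """Reduce a client-supplied filename to what Windows/IIS would store it as.

    - keep only the last path component (handles both / and \\ traversal)
    - drop an NTFS alternate-data-stream suffix (web.config::$DATA -> web.config)
    - strip trailing dots/spaces, which NTFS silently removes on create
    - lower-case, because the filesystem is case-insensitive
    """
    name = raw.replace("\\", "/").rsplit("/", 1)[-1]
    name = name.split(":", 1)[0]
    name = name.rstrip(". ")
    return name.lower()


def classify_upload_name(raw: str) -> str:
    """Return 'ok' or the reason the supplied name must be rejected."""
    name = normalize_name(raw)
    if not name or name in (".", ".."):
        return "empty-name"
    if name in RESERVED_BASENAMES:
        return "reserved-config-name"
    parts = name.split(".")
    if len(parts) < 2 or not parts[-1]:
        return "no-extension"
    # Reject a code extension anywhere in the chain (shell.aspx.jpg), not just
    # at the end; conservative, and cheap compared with a compromised server.
    if any(p in CODE_EXTENSIONS for p in parts[1:]):
        return "code-extension"
    if parts[-1] not in ALLOWED_EXTENSIONS:
        return "extension-not-allowed"
    return "ok"


def storage_name(raw: str):
    """Name to store the file under: random, never the client's, or None if rejected."""
    if classify_upload_name(raw) != "ok":
        return None
    ext = normalize_name(raw).rsplit(".", 1)[-1]
    return f"{secrets.token_hex(16)}.{ext}"


def find_planted_files(relative_paths):
    """Hunt: flag paths under an upload root that IIS would treat as config or code."""
    hits = []
    for path in relative_paths:
        verdict = classify_upload_name(path)
        if verdict in ("reserved-config-name", "code-extension"):
            hits.append((path, verdict))
    return hits


def scan_upload_dir(root: str):
    """Walk a real upload root and return the planted-file hits."""
    rel = []
    for dirpath, _, files in os.walk(root):
        for f in files:
            rel.append(os.path.relpath(os.path.join(dirpath, f), root))
    return find_planted_files(rel)


if __name__ == "__main__":
    # Constructed sample names, not captured traffic.
    for sample in ["report.pdf", "web.config", "..\\..\\Web.Config ", "cmd.aspx.jpg"]:
        print(f"{sample!r:28} -> {classify_upload_name(sample)}")
```

The name check is necessary but not sufficient on its own: the attacker's web.config only matters because IIS lets a per-directory web.config override handler settings, so the upload directory should also have script execution removed (an IIS handlers `accessPolicy="Read"`) with that section locked against override in applicationHost.config, and ideally uploads should be stored outside the web root and streamed back through a handler. Running `scan_upload_dir` over the attachment store is a quick way to check an unpatched 8.6 deployment for a web.config or .aspx that should not be there.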
CVSS Score
8.8 (HIGH)
Related Weaknesses (CWE)
References
- https://docs.arandasoft.com/asdk-api/pages/V1.9/descripcion/adjuntar_archivos.ht
- https://docs.arandasoft.com/asdk-v8-release-notes/assets/asdk-v8-release-notes.p
- https://github.com/0xcronos/CVE/blob/main/CVE-2025-70995/README.md
FAQ
What is CVE-2025-70995?
CVE-2025-70995 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can uploa...
How severe is CVE-2025-70995?
CVE-2025-70995 has been rated HIGH with a CVSS base score of 8.8/10. Per the description, exploitation requires an authenticated account but no further user interaction, and the outcome is remote command execution on the server.
Is there a patch for CVE-2025-70995?
Yes. The vendor fixed the issue in Aranda Service Desk V8 8.30.6; the release notes linked in the references section cover the update. On-Premise deployments on earlier 8.x builds should upgrade, and SaaS tenants should confirm with the vendor that their instance is on 8.30.6 or later.