CVE-2025-43560 – ColdFusion Arbitrary Code Execution Vulnerability

May 13, 2025

CVE ID : CVE-2025-43560

Published : May 13, 2025, 9:16 p.m. | 1 hour, 58 minutes ago

Description : ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass security mechanisms and execute code. Exploitation of this issue does not require user interaction and scope is changed.

Severity: 9.1 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-43563 – Adobe ColdFusion File System Read Improper Access Control

Next Article CVE-2025-43561 – ColdFusion Incorrect Authorization Code Execution Vulnerability

Highlights

HPE Performance Cluster Manager Vulnerability Allow Remote Attacker to Bypass Authentication

April 22, 2025

HPE Performance Cluster Manager Vulnerability Allow Remote Attacker to Bypass Authentication

A critical vulnerability in Hewlett Packard Enterprise‘s Performance Cluster Manager has been identified, enabling attackers to remotely bypass authentication safeguards.
The flaw, formally documented …
Read more

Published Date:
Apr 22, 2025 (3 hours, 49 minutes ago)

Vulnerabilities has been mentioned in this article.

CVE-2025-27086

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

How to install and use Ollama to run AI LLMs on your Windows 11 PC

Community News: Latest PECL Releases (05.13.2025)

Community News: Latest PECL Releases (05.13.2025)

How We Use Epic Branches. Without Breaking Our Flow.

I think the ergonomics of generators is growing on me.

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

This $4 Steam Deck game includes the most-played classics from my childhood — and it will save you paper

Microsoft shares rare look at radical Windows 11 Start menu designs it explored before settling on the least interesting one of the bunch

NVIDIA’s new GPU driver adds DOOM: The Dark Ages support and improves DLSS in Microsoft Flight Simulator 2024

CVE-2025-43560 – ColdFusion Arbitrary Code Execution Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-47705 – Drupal IFrame Remove Filter Cross-Site Scripting (XSS)

Cyberattacks and Industry Vulnerabilities: What 2025 Holds

New Google Cloud Next Agents are Here, and This is What You Should Know

How to Run an Effective Daily Scrum – Tips for Team Members and Managers

timwassenburg/laravel-service-generator

HPE Performance Cluster Manager Vulnerability Allow Remote Attacker to Bypass Authentication

Announcing the AssemblyAI integration for LiveKit

Make Progressive Enhancement and CSS Encapsulation Easier!

CVE-2025-32886 – goTenna Information Disclosure

CVE-2025-43560 – ColdFusion Arbitrary Code Execution Vulnerability

Related Posts