CVE-2025-48471 – FreeScout Apache Remote Code Execution Vulnerability

May 29, 2025

CVE ID : CVE-2025-48471

Published : May 29, 2025, 4:15 p.m. | 47 minutes ago

Description : FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, the application does not check or performs insufficient checking of files uploaded to the application. This allows files to be uploaded with the phtml and phar extensions, which can lead to remote code execution if the Apache web server is used. This issue has been patched in version 1.8.179.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48472 – FreeScout Access Control Bypass

Next Article CVE-2025-48390 – FreeScout Remote Code Injection Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Smashing Animations Part 4: Optimising SVGs

I test AI tools for a living. Here are 3 image generators I actually use and how

The world’s smallest 65W USB-C charger is my latest travel essential

This Spotlight alternative for Mac is my secret weapon for AI-powered search

Tech prophet Mary Meeker just dropped a massive report on AI trends – here’s your TL;DR

Beyond AEM: How Adobe Sensei Powers the Full Enterprise Experience

Beyond AEM: How Adobe Sensei Powers the Full Enterprise Experience

Simplify Negative Relation Queries with Laravel’s whereDoesntHaveRelation Methods

Cast Model Properties to a Uri Instance in 12.17

My Favorite Obsidian Plugins and Their Hidden Settings

My Favorite Obsidian Plugins and Their Hidden Settings

Rilasciata /e/OS 3.0: Nuova Vita per Android Senza Google, Più Privacy e Controllo per l’Utente

Rilasciata Oracle Linux 9.6: Scopri le Novità e i Miglioramenti nella Sicurezza e nelle Prestazioni

CVE-2025-48471 – FreeScout Apache Remote Code Execution Vulnerability

HPE StoreOnce Faces Critical CVE-2025-37093 Vulnerability — Urges Immediate Patch Upgrade

Google fixes Chrome zero-day with in-the-wild exploit (CVE-2025-5419)

Bitrix24 Supernova Release: Igniting Exponential Growth with Increased Efficiency and Productivity

It turns out you can only change VRAM on Legion Go and Legion Go S handhelds by going into the BIOS — Here’s how it works

Nokia Corteca Scales Wi-Fi Connectivity to Millions of Devices With MongoDB Atlas

CVE-2025-4726 – iSourcecode Placement Management System SQL Injection Vulnerability

Meta Introduces a Machine Learning (ML)-based Approach that Allows to Solve Networking Problems Holistically Across Cross-Layers such as BWE

This stretchable Micro LED display I saw at CES now lives rent free in my head

Microsoft doubles down on Windows 11 — calls for major Copilot+ PC upgrade cycle in 2025

ZOTAC sceglie Manjaro Linux e KDE per la sua nuova console portatile ZOTA GAMING ZONE

CVE-2025-48471 – FreeScout Apache Remote Code Execution Vulnerability

Related Posts