CNNVD-202507-1539 Information

CNNVD ID

CNNVD-202507-1539

Related CVE

CVE-2025-34100

• CNNVD Published: 2025-07-10

Description (Chinese)

BuilderEngine是BuilderEngine公司的一款网络构建工具。 BuilderEngine 3.5.0版本存在安全漏洞，该漏洞源于elFinder 2.0文件管理器中的文件上传问题，可能导致远程代码执行。

Description (English)

BuilderEngine is a network construction tool for BuilderEngine. There is a security loophole in version 3.5.0 of BuilderEngine, which stems from document upload problems in the elFinder 2.0 file manager and may lead to remote code execution.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

BuilderEngine

Published

2025-07-10

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/40390 https://support.alertlogic.com/hc/en-us/articles/115004703183-BuilderEngine-Content-Management-System-CMS-elFinder-2-0-Arbitrary-File-Upload https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/ https://vulncheck.com/advisories/builder-engine-unauthenticated-arbitrary-file-upload https://access.redhat.com/security/cve/cve-2025-34100 https://nvd.nist.gov/vuln/detail/CVE-2025-34100