CVE-2025-1980 Information

Description

The Ready_ application’s Profile section allows users to upload files of any type and extension without restriction. If the server is misconfigured as it was by default when installed at the turn of 2021 and 2022 it can result in Remote Code Execution. Refer to the Required Configuration for Exposure section for more information.

Reference

https://cert.pl/en/posts/2025/04/CVE-2025-1980 https://cert.pl/posts/2025/04/CVE-2025-1980 https://ready-os.com/pl/