Fireshare Public Uploads feature is vulnerable to OS Command Injection...

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

Fireshare facilitates self-hosted media and link sharing. Versions 1.2.30 and below allow an authenticated user, or unauthenticated user if the Public Uploads setting is enabled, to craft a malicious filename when uploading a video file. The malicious filename is then concatenated directly into a shell command, which can be used for uploading files to arbitrary directories via path traversal, or executing system commands for Remote Code Execution (RCE). This issue is fixed in version 1.3.0.

AI Analysis

Fireshare is vulnerable to OS Command Injection (RCE) due to a malicious filename being concatenated into a shell command, allowing file uploads to arbitrary directories or execution of system commands.

Basic Information

ID CVE-2025-67728

Source GitHub_M

Published Dec 12, 2025 at 07:10

Affected Product

Vendor ShaneIsrael

Product fireshare

Version < 1.3.0

Affected Versions ShaneIsrael fireshare < 1.3.0

CWE Classification

CWE-77

AI Assessment

AI Score 9.8 / 10

AI Severity Critical

Vendor ShaneIsrael

Product Fireshare

Version 1.2.30 and below

References

{
    "lastseen": "",
    "description": "Fireshare facilitates self-hosted media and link sharing. Versions 1.2.30 and below allow an authenticated user, or unauthenticated user if the Public Uploads setting is enabled, to craft a malicious filename when uploading a video file. The malicious filename is then concatenated directly into a shell command, which can be used for uploading files to arbitrary directories via path traversal, or executing system commands for Remote Code Execution (RCE). This issue is fixed in version 1.3.0.",
    "published": "2025-12-12T07:10:55.980Z",
    "modified": "2025-12-12T07:10:55.980Z",
    "type": "cve",
    "title": "Fireshare Public Uploads feature is vulnerable to OS Command Injection (RCE)",
    "source": "GitHub_M",
    "references": "https://github.com/ShaneIsrael/fireshare/security/advisories/GHSA-c4f5-g622-q72m\nhttps://github.com/ShaneIsrael/fireshare/commit/157386c85f6683f89192dae52115069b435b6d34",
    "id": "CVE-2025-67728",
    "bulletinFamily": "",
    "cwe": [
        "CWE-77"
    ],
    "cvelist": null,
    "sourceData": "ShaneIsrael fireshare < 1.3.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "fireshare",
    "version": "< 1.3.0",
    "vendor": "ShaneIsrael",
    "ai_description": "Fireshare is vulnerable to OS Command Injection (RCE) due to a malicious filename being concatenated into a shell command, allowing file uploads to arbitrary directories or execution of system commands.",
    "ai_severity": "Critical",
    "ai_vendor": "ShaneIsrael",
    "ai_product": "Fireshare",
    "ai_version": "1.2.30 and below",
    "ai_score": 9.8
}

Fireshare Public Uploads feature is vulnerable to OS Command Injection (RCE)_CVE-2025-67728