CVE-2025-50688

A command injection vulnerability exists in TwistedWeb (version 14.0.0) due to improper input sanitization in the file upload functionality. An attacker can exploit this vulnerability by sending a specially crafted HTTP PUT request to upload a malicious file (e.g., a reverse shell script). Once uploaded, the attacker can trigger the execution of arbitrary commands on the target system, allowing for remote code execution. This could lead to escalation of privileges depending on the privileges of the web server process. The attack does not require physical access and can be conducted remotely, posing a significant risk to the confidentiality and integrity of the system.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://medium.com/@Justinsecure/chained-rce-on-twistedweb-14-0-0-via-command-injection-and-unauthenticated-put-1aa657995b4e	Exploit Third Party Advisory
https://twisted.org/documents/14.0.0/index.html	Product

Configurations

Configuration 1 (hide)

cpe:2.3:a:twistedmatrix:twistedweb:14.0.0:*:*:*:*:*:*:*

History

06 Nov 2025, 18:35

Type	Values Removed	Values Added
First Time		Twistedmatrix Twistedmatrix twistedweb
CPE		cpe:2.3:a:twistedmatrix:twistedweb:14.0.0:::::::*
References	~~() https://medium.com/@Justinsecure/chained-rce-on-twistedweb-14-0-0-via-command-injection-and-unauthenticated-put-1aa657995b4e -~~	() https://medium.com/@Justinsecure/chained-rce-on-twistedweb-14-0-0-via-command-injection-and-unauthenticated-put-1aa657995b4e - Exploit, Third Party Advisory
References	~~() https://twisted.org/documents/14.0.0/index.html -~~	() https://twisted.org/documents/14.0.0/index.html - Product

Information

Published : 2025-08-05 18:15

Updated : 2025-11-06 18:35

NVD link : CVE-2025-50688

Mitre link : CVE-2025-50688

CVE.ORG link : CVE-2025-50688

JSON object : View

Products Affected

twistedmatrix

twistedweb

CWE

CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

{"id": "CVE-2025-50688", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 2.5, "exploitabilityScore": 3.9}]}, "published": "2025-08-05T18:15:32.083", "references": [{"url": "https://medium.com/@Justinsecure/chained-rce-on-twistedweb-14-0-0-via-command-injection-and-unauthenticated-put-1aa657995b4e", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://twisted.org/documents/14.0.0/index.html", "tags": ["Product"], "source": "[email protected]"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-77"}]}], "descriptions": [{"lang": "en", "value": "A command injection vulnerability exists in TwistedWeb (version 14.0.0) due to improper input sanitization in the file upload functionality. An attacker can exploit this vulnerability by sending a specially crafted HTTP PUT request to upload a malicious file (e.g., a reverse shell script). Once uploaded, the attacker can trigger the execution of arbitrary commands on the target system, allowing for remote code execution. This could lead to escalation of privileges depending on the privileges of the web server process. The attack does not require physical access and can be conducted remotely, posing a significant risk to the confidentiality and integrity of the system."}, {"lang": "es", "value": "Existe una vulnerabilidad de inyecci\u00f3n de comandos en TwistedWeb (versi\u00f3n 14.0.0) debido a una depuraci\u00f3n incorrecta de la entrada en la funci\u00f3n de carga de archivos. Un atacante puede explotar esta vulnerabilidad enviando una solicitud HTTP PUT especialmente manipulada para cargar un archivo malicioso (por ejemplo, un script de shell inverso). Una vez cargado, el atacante puede activar la ejecuci\u00f3n de comandos arbitrarios en el sistema objetivo, lo que permite la ejecuci\u00f3n remota de c\u00f3digo. Esto podr\u00eda provocar una escalada de privilegios en funci\u00f3n de los privilegios del proceso del servidor web. El ataque no requiere acceso f\u00edsico y puede ejecutarse de forma remota, lo que supone un riesgo significativo para la confidencialidad e integridad del sistema."}], "lastModified": "2025-11-06T18:35:06.397", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:twistedmatrix:twistedweb:14.0.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F3089A73-E397-4DF0-909C-B0E100C3BB45"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}