Pmb Services Pmb Platform vulnerabilities
3 known vulnerabilities affecting pmb_services/pmb_platform.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2
Vulnerabilities
Page 1 of 1
CVE-2025-0471P2CRITICALCVSS 9.8v4.0.102025-01-16
CVE-2025-0471 [CRITICAL] CWE-434 CVE-2025-0471: Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. Thi
Unrestricted file upload vulnerability in the PMB platform, affecting versions 4.0.10 and above. This vulnerability could allow an attacker to upload a file to gain remote access to the machine, being able to access, modify and execute commands freely.
nvd
CVE-2025-0473P3HIGHCVSS 7.5v4.0.102025-01-16
CVE-2025-0473 [HIGH] CWE-459 CVE-2025-0473: Vulnerability in the PMB platform that allows an attacker to persist temporary files on the server,
Vulnerability in the PMB platform that allows an attacker to persist temporary files on the server, affecting versions 4.0.10 and above. This vulnerability exists in the file upload functionality on the ‘/pmb/authorities/import/iimport_authorities’ endpoint. When a file is uploaded via this resource, the server will create a temporary file that will be d
nvd
CVE-2025-0472P3HIGHCVSS 7.5≤ 4.2.132025-01-16
CVE-2025-0472 [HIGH] CWE-200 CVE-2025-0472: Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This vulnerability a
Information exposure in the PMB platform affecting versions 4.2.13 and earlier. This vulnerability allows an attacker to upload a file to the environment and enumerate the internal files of a machine by looking at the request response.
nvd