{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-55010", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-08-04T17:34:24.422Z", "datePublished": "2025-08-12T15:57:13.343Z", "dateUpdated": "2025-08-12T16:24:36.343Z"}, "containers": {"cna": {"title": "Kanboard Authenticated Admin Remote Code Execution via Unsafe Deserialization of Events", "problemTypes": [{"descriptions": [{"cweId": "CWE-502", "lang": "en", "description": "CWE-502: Deserialization of Untrusted Data", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r"}, {"name": "https://github.com/kanboard/kanboard/commit/7148ac092e5db6b33e0fc35e04bca328d96c1f6f", "tags": ["x_refsource_MISC"], "url": "https://github.com/kanboard/kanboard/commit/7148ac092e5db6b33e0fc35e04bca328d96c1f6f"}, {"name": "https://github.com/kanboard/kanboard/blob/b033c0e0f982f8158e240bce8ab54c29727f8efe/app/Formatter/ProjectActivityEventFormatter.php#L43-L57", "tags": ["x_refsource_MISC"], "url": "https://github.com/kanboard/kanboard/blob/b033c0e0f982f8158e240bce8ab54c29727f8efe/app/Formatter/ProjectActivityEventFormatter.php#L43-L57"}], "affected": [{"vendor": "kanboard", "product": "kanboard", "versions": [{"version": "< 1.2.47", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-08-12T15:57:13.343Z"}, "descriptions": [{"lang": "en", "value": "Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, an unsafe deserialization vulnerability in the ProjectEventActvityFormatter allows admin users the ability to instantiate arbitrary php objects by modifying the event[\"data\"] field in the project_activities table. A malicious actor can update this field to use a php gadget to write a web shell into the /plugins folder, which then gives remote code execution on the host system. This issue has been patched in version 1.2.47."}], "source": {"advisory": "GHSA-359x-c69j-q64r", "discovery": "UNKNOWN"}}, "adp": [{"references": [{"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-12T16:12:27.079857Z", "id": "CVE-2025-55010", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-12T16:24:36.343Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-55010", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-08-12T16:12:27.079857Z"}}}], "references": [{"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-12T16:12:29.061Z"}}], "cna": {"title": "Kanboard Authenticated Admin Remote Code Execution via Unsafe Deserialization of Events", "source": {"advisory": "GHSA-359x-c69j-q64r", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "kanboard", "product": "kanboard", "versions": [{"status": "affected", "version": "< 1.2.47"}]}], "references": [{"url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r", "name": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/kanboard/kanboard/commit/7148ac092e5db6b33e0fc35e04bca328d96c1f6f", "name": "https://github.com/kanboard/kanboard/commit/7148ac092e5db6b33e0fc35e04bca328d96c1f6f", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/kanboard/kanboard/blob/b033c0e0f982f8158e240bce8ab54c29727f8efe/app/Formatter/ProjectActivityEventFormatter.php#L43-L57", "name": "https://github.com/kanboard/kanboard/blob/b033c0e0f982f8158e240bce8ab54c29727f8efe/app/Formatter/ProjectActivityEventFormatter.php#L43-L57", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, an unsafe deserialization vulnerability in the ProjectEventActvityFormatter allows admin users the ability to instantiate arbitrary php objects by modifying the event[\"data\"] field in the project_activities table. A malicious actor can update this field to use a php gadget to write a web shell into the /plugins folder, which then gives remote code execution on the host system. This issue has been patched in version 1.2.47."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-08-12T15:57:13.343Z"}}}, "cveMetadata": {"cveId": "CVE-2025-55010", "state": "PUBLISHED", "dateUpdated": "2025-08-12T16:24:36.343Z", "dateReserved": "2025-08-04T17:34:24.422Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-08-12T15:57:13.343Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, an unsafe deserialization vulnerability in the ProjectEventActvityFormatter allows admin users the ability to instantiate arbitrary php objects by modifying the event[\"data\"] field in the project_activities table. A malicious actor can update this field to use a php gadget to write a web shell into the /plugins folder, which then gives remote code execution on the host system. This issue has been patched in version 1.2.47."}, {"lang": "es", "value": "Kanboard es un software de gesti\u00f3n de proyectos basado en la metodolog\u00eda Kanban. Antes de la versi\u00f3n 1.2.47, una vulnerabilidad de deserializaci\u00f3n insegura en ProjectEventActvityFormatter permit\u00eda a los administradores instanciar objetos PHP arbitrarios modificando el campo event[\"data\"] en la tabla project_activities. Un atacante puede actualizar este campo para usar un gadget PHP y escribir un shell web en la carpeta /plugins, lo que permite la ejecuci\u00f3n remota de c\u00f3digo en el sistema host. Este problema se ha corregido en la versi\u00f3n 1.2.47."}], "id": "CVE-2025-55010", "lastModified": "2025-08-13T17:34:12.350", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-08-12T16:15:28.540", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/kanboard/kanboard/blob/b033c0e0f982f8158e240bce8ab54c29727f8efe/app/Formatter/ProjectActivityEventFormatter.php#L43-L57"}, {"source": "security-advisories@github.com", "url": "https://github.com/kanboard/kanboard/commit/7148ac092e5db6b33e0fc35e04bca328d96c1f6f"}, {"source": "security-advisories@github.com", "url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{}