CVE-2023-53956

HIGH

Flatnux 2021-03.25 - Authenticated Remote Code Execution via File Manager PHP Upload


Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-53956. PoCs published by Ömer Hasan Durmuş.

AI-analyzed exploit summary: This exploit demonstrates an authenticated file upload vulnerability in flatnux-2021-03.25, allowing an attacker to upload a malicious PHP file via the filemanager.php endpoint. The uploaded file can then be executed to achieve remote code execution (RCE).

Description

Flatnux 2021-03.25 contains an authenticated file upload vulnerability that allows administrative users to upload arbitrary PHP files through the file manager. Attackers with admin credentials can upload malicious PHP scripts to the web root directory, enabling remote code execution on the server.

Exploits (1)

exploitdb WORKING POC
by Ömer Hasan Durmuş · text · webapps · php
https://www.exploit-db.com/exploits/51295


Classification: Working PoC 95%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: flatnux 2021-03.25
Auth required
Prerequisites: Valid admin credentials · Access to the filemanager.php endpoint
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/51295

Scores

CVSS v3: 8.8
EPSS: 0.0066
EPSS Percentile: 46.7%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-434
Status: published
Products (1): altervista/flatnux 2021-03.25
Published: Dec 19, 2025
Tracked Since: Feb 18, 2026