CVE-2025-27515

CRITICAL

Laravel Framework < 11.44.1 and 12.0.0-12.1.1 - Validation Bypass via Wildcard File Field

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-27515. PoCs published by joaovicdev.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2025-27515, demonstrating a file upload validation bypass in Laravel Framework (≤ 12.0.0). The exploit uses a polyglot JPEG+PHP file to bypass MIME type and extension checks, enabling remote code execution.

Description

Laravel is a web application framework. When using wildcard validation to validate a given file or image field (`files.*`), a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1.

Exploits (1)

nomisec WORKING POC 1 stars
by joaovicdev · poc
https://github.com/joaovicdev/EXPLOIT-CVE-2025-27515

This repository contains a proof-of-concept exploit for CVE-2025-27515, demonstrating a file upload validation bypass in Laravel Framework (≤ 12.0.0). The exploit uses a polyglot JPEG+PHP file to bypass MIME type and extension checks, enabling remote code execution.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Laravel Framework ≤ 12.0.0
No auth needed
Prerequisites: Laravel application with file upload functionality using wildcard validation (files.*)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.0022
EPSS Percentile 44.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-155
Status published
Products (2)
laravel/framework < 11.44.1
laravel/framework 12.0.0 - 12.1.1Packagist
Published Mar 05, 2025
Tracked Since Feb 18, 2026