CVE-2025-27893

LOW

Archer Platform <6.14.00202.10024 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-27893. PoCs published by NastyCrow.

AI-analyzed exploit summary This repository provides a detailed writeup for CVE-2025-27893, describing how an authenticated user with record creation privileges can manipulate immutable fields in the Archer Platform by intercepting and modifying a Copy request. The vulnerability allows unauthorized modification of system-generated metadata, impacting data integrity and compliance.

Description

In Archer Platform 6 through 6.14.00202.10024, an authenticated user with record creation privileges can manipulate immutable fields, such as the creation date, by intercepting and modifying a Copy request via a GenericContent/Record.aspx?id= URI. NOTE: the Supplier analyzed the reported exploitation steps and found that, although the user can modify the immutable field, upon switching to View mode the field is reverted to its original value, without anything being saved to the database (and consequently there is no impact).

Exploits (1)

nomisec WRITEUP

by NastyCrow · poc

https://github.com/NastyCrow/CVE-2025-27893

View Code ZIP pw:eip

This repository provides a detailed writeup for CVE-2025-27893, describing how an authenticated user with record creation privileges can manipulate immutable fields in the Archer Platform by intercepting and modifying a Copy request. The vulnerability allows unauthorized modification of system-generated metadata, impacting data integrity and compliance.

Classification

Writeup 100%

Attack Type

Other

Complexity

Moderate

Reliability

Reliable

Target: Archer Platform 6 through 6.14.00202.10024

Auth required

Prerequisites: Authenticated user account with record creation privileges · Access to intercept and modify HTTP requests (e.g., Burp Suite)

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Product

https://archerirm.com

Exploit, Third Party Advisory

https://github.com/NastyCrow/CVE-2025-27893

Scores

CVSS v3 1.8

EPSS 0.0041

EPSS Percentile 32.4%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-472

Status published

Products (1)

archerirm/archer 6.0.0.0 - 6.14.00202.10024

Published Mar 11, 2025

Tracked Since Feb 18, 2026