CVE-2025-34121

CRITICAL

Idera Up.Time Monitoring Station <=7.2 - RCE

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2025-34121. PoCs published by Metasploit, including Metasploit module exploits/multi/http/uptime_file_upload_1.

AI-analyzed exploit summary: This Metasploit module exploits an arbitrary file upload vulnerability in Idera Up.Time Monitoring Station 7.0/7.2, allowing unauthenticated attackers to upload and execute PHP payloads via the `post2file.php` endpoint.

Description

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The `wizards/post2file.php` script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful exploitation results in remote code execution as the web server user. NOTE: The bypass for this vulnerability is tracked as CVE-2015-9263.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Metasploit · ruby · remote · php
https://www.exploit-db.com/exploits/38732

This Metasploit module exploits an arbitrary file upload vulnerability in Idera Up.Time Monitoring Station 7.0/7.2, allowing unauthenticated attackers to upload and execute PHP payloads via the 'post2file.php' endpoint.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Idera Up.Time Monitoring Station 7.0/7.2
No auth needed
Prerequisites: Network access to the target server · Target running vulnerable version of Up.Time
devstral-2 · analyzed Feb 16, 2026

metasploit WORKING POC EXCELLENT
ruby · poc · php
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/uptime_file_upload_1.rb

This Metasploit module exploits an arbitrary file upload vulnerability in Idera Up.Time Monitoring Station 7.0/7.2, allowing unauthenticated attackers to upload and execute PHP payloads via the `post2file.php` endpoint.

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Idera Up.Time Monitoring Station 7.0/7.2
No auth needed
Prerequisites: Network access to the target server · Target running vulnerable version of Up.Time
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v4: 9.3
CVSS vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
EPSS: 0.0168
EPSS Percentile: 73.9%

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: yes
Technical Impact: total

Details

CWE: CWE-306, CWE-434
Status: published
Products (1): Idera/Up.Time Monitoring Station < 7.2
Published: Jul 16, 2025
Tracked Since: Feb 18, 2026