CVE-2025-3641
HIGHMoodle < 4.1.18 - Authenticated Remote Code Execution via Dropbox Repository
Title source: llmDescription
A flaw was found in Moodle. A remote code execution risk was identified in the Moodle LMS Dropbox repository. By default, this was only available to teachers and managers on sites with the Dropbox repository enabled.
References (3)
Core 3
Core References
Third Party Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-3641
Issue Tracking issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2359735
Vendor Advisory
https://moodle.org/mod/forum/discuss.php?d=467602
Scores
CVSS v3
8.8
EPSS
0.0139
EPSS Percentile
80.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-94
Status
published
Products (2)
moodle/moodle
< 4.1.18
moodle/moodle
0 - 4.1.18Packagist
Published
Apr 25, 2025
Tracked Since
Feb 18, 2026