CVE-2025-54962

MEDIUM

OpenPLC Runtime <9cd8f1b - File Upload

Title source: llm

Description

/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows authenticated users to upload arbitrary files (such as .html or .svg), and these are then publicly accessible under the /static URI.

Exploits (1)

nomisec WORKING POC
by Eyodav · poc
https://github.com/Eyodav/CVE-2025-54962

Scores

CVSS v3: 6.4
EPSS: 0.0007
EPSS Percentile: 21.1%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: partial

Details

CWE: CWE-434
Status: published
Products (1): thiagoralves/OpenPLC_v3 < 9cd8f1b53a50f9d38708096bfc72bcbb1ef47343
Published: Aug 04, 2025
Tracked Since: Feb 18, 2026