CVE-2025-55010

CRITICAL LAB

Kanboard <1.2.47 - Remote Code Execution

Title source: llm

Description

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.47, an unsafe deserialization vulnerability in the ProjectEventActvityFormatter allows admin users the ability to instantiate arbitrary php objects by modifying the event["data"] field in the project_activities table. A malicious actor can update this field to use a php gadget to write a web shell into the /plugins folder, which then gives remote code execution on the host system. This issue has been patched in version 1.2.47.

Exploits (1)

github WORKING POC

by exploitintel · pythonpoc

https://github.com/exploitintel/eip-pocs-and-cves/tree/main/CVE-2025-55010

View Code ZIP pw:eip

References (3)

[Product] https://github.com/kanboard/kanboard/blob/b033c0e0f982f8158e240bce8ab54c29727f8efe/app/Formatter/ProjectActivityEventFormatter.php#L43-L57

[Patch] https://github.com/kanboard/kanboard/commit/7148ac092e5db6b33e0fc35e04bca328d96c1f6f

View Patch ZIP pw:eip

[Exploit, Third Party Advisory] https://github.com/kanboard/kanboard/security/advisories/GHSA-359x-c69j-q64r

Related Analysis

Zero to RCE

Five CVEs Case Study

Scores

CVSS v3 9.1

EPSS 0.0436

EPSS Percentile 89.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Lab Environment

EIP LAB

Lab screenshot

patched docker pull ghcr.io/exploitintel/cve-2025-55010-patched:latest

vulnerable docker pull ghcr.io/exploitintel/cve-2025-55010-vulnerable:latest

View in Library GitHub

Details

CWE

CWE-502

Status published

Products (1)

kanboard/kanboard < 1.2.47

Published Aug 12, 2025

Tracked Since Feb 18, 2026