CVE-2025-65783

CRITICAL

Hubert Imoveis e Administracao Ltda Hub v2.0-1.27.3 - RCE

Title source: llm

Description

An arbitrary file upload vulnerability in the /utils/uploadFile component of Hubert Imoveis e Administracao Ltda Hub v2.0 1.27.3 allows attackers to execute arbitrary code via uploading a crafted PDF file.

References (3)

Core 3

Core References

Not Applicable

http://hub.com

Product

http://hubert.com

Third Party Advisory

https://github.com/carlos-artmann/vulnerability-research/tree/main/CVE-2025-65783

View Writeup ZIP pw:eip

Scores

CVSS v3 9.8

EPSS 0.0053

EPSS Percentile 40.7%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact total

Details

CWE

CWE-434

Status published

Products (1)

hubert/hub 2.0.1.27.3

Published Jan 13, 2026

Tracked Since Feb 18, 2026