CVE-2025-66571

CRITICAL

UNA CMS <14.0.0-RC4 - Code Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-66571. PoCs published by Egidio Romano.

AI-analyzed exploit summary This exploit leverages a PHP object injection vulnerability in UNA CMS <= 14.0.0-RC4 via the 'profile_id' POST parameter in BxBaseMenuSetAclLevel.php. It uses a crafted serialized object to write a malicious PHP file to the server, enabling remote code execution.

Description

UNA CMS versions 9.0.0-RC1 - 14.0.0-RC4 contain a PHP object injection vulnerability in BxBaseMenuSetAclLevel.php where the profile_id POST parameter is passed to PHP unserialize() without proper handling, allowing remote, unauthenticated attackers to inject arbitrary PHP objects and potentially write and execute arbitrary PHP code.

Exploits (1)

exploitdb WORKING POC
by Egidio Romano · textwebappsmultiple
https://www.exploit-db.com/exploits/52139

This exploit leverages a PHP object injection vulnerability in UNA CMS <= 14.0.0-RC4 via the 'profile_id' POST parameter in BxBaseMenuSetAclLevel.php. It uses a crafted serialized object to write a malicious PHP file to the server, enabling remote code execution.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: UNA CMS <= 14.0.0-RC4
No auth needed
Prerequisites: PHP cURL extension · Network access to the target
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Exploit, Third Party Advisory exploit
https://www.exploit-db.com/exploits/52139
Various Sources product
https://unacms.com
Various Sources product
https://github.com/unacms/una
Various Sources vdb-entry
https://karmainsecurity.com/KIS-2025-01

Scores

CVSS v4 9.3
EPSS 0.0042
EPSS Percentile 62.6%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment
Exploitation poc
Automatable yes
Technical Impact total

Details

CWE
CWE-502
Status published
Products (2)
None/UNA CMS 9.0.0-RC1 - 14.0.0-RC4
Unknown/UNA CMS 9.0.0-RC1 - 14.0.0-RC4
Published Dec 04, 2025
Tracked Since Feb 18, 2026