WSO2 Carbon AppUploader Authenticated File Upload Vulnerability (RCE)
CVE-2025-3125 Published on November 5, 2025
Authenticated Arbitrary File Upload in Multiple WSO2 Products via CarbonAppUploader Admin Service Leading to Remote Code Execution
An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper input validation in the CarbonAppUploader admin service endpoint. An authenticated attacker with appropriate privileges can upload a malicious file to a user-controlled location on the server, potentially leading to remote code execution (RCE).
This functionality is restricted by default to admin users; therefore, successful exploitation requires valid credentials with administrative permissions.
Vulnerability Analysis
CVE-2025-3125 can be exploited with network access, and requires user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality and integrity, and a small impact on availability.
Weakness Type
What is an Unrestricted File Upload Vulnerability?
The software allows the attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment.
CVE-2025-3125 has been classified to as an Unrestricted File Upload vulnerability or weakness.
Products Associated with CVE-2025-3125
Want to know whenever a new CVE is published for Wso2 products? stack.watch will email you.
Affected Versions
WSO2 Identity Server:- Before 5.10.0 is unknown.
- Version 5.10.0 and below 5.10.0.360 is affected.
- Version 5.11.0 and below 5.11.0.399 is affected.
- Version 6.0.0 and below 6.0.0.235 is affected.
- Version 6.1.0 and below 6.1.0.230 is affected.
- Version 7.0.0 and below 7.0.0.101 is affected.
- Version 7.1.0 and below 7.1.0.32 is affected.
- Before 6.6.0 is unknown.
- Version 6.6.0 and below 6.6.0.217 is affected.
- Before 2.0.0 is unknown.
- Version 2.0.0 and below 2.0.0.402 is affected.
- Before 5.10.0 is unknown.
- Version 5.10.0 and below 5.10.0.353 is affected.
- Before 3.2.0 is unknown.
- Version 3.2.0 and below 3.2.0.421 is affected.
- Version 3.2.1 and below 3.2.1.41 is affected.
- Version 4.0.0 and below 4.0.0.342 is affected.
- Version 4.1.0 and below 4.1.0.203 is affected.
- Version 4.2.0 and below 4.2.0.142 is affected.
- Version 4.3.0 and below 4.3.0.55 is affected.
- Version 4.4.0 and below 4.4.0.19 is affected.
- Version 4.5.0 and below 4.5.0.2 is affected.
- Version 4.6.0 and below 4.6.0.3 is affected.
- Version 4.5.0 and below 4.5.0.2 is affected.
- Version 4.6.0 and below 4.6.0.3 is affected.
- Version 4.5.0 and below 4.5.0.2 is affected.
- Version 4.6.0 and below 4.6.0.3 is affected.
- Version 4.5.0 and below 4.5.0.2 is affected.
- Version 4.6.0 and below 4.6.0.3 is affected.
- Version 4.7.19 and below 4.7.19.7 is affected.
- Version 4.7.32 and below 4.7.32.5 is affected.
- Version 4.7.35 and below 4.7.35.8 is affected.
- Version 4.7.39 and below 4.7.39.1 is affected.
- Version 4.7.49 and below 4.7.49.4 is affected.
- Version 4.7.52 and below 4.7.52.1 is affected.
- Version 4.10.13 and below 4.10.13.1 is affected.
- Version 4.9.12, <= 4.9.* is unaffected.
- Version 4.10.24, <= * is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.