CVE-2025-60947 - Vulnerability Analysis
HighCVSS: 8.8Last Updated: March 23, 2026
Census CSWeb - Unrestricted File Upload
Overview
Census CSWeb 8.0.1 contains an unrestricted file upload vulnerability caused by lack of proper validation, letting remote authenticated attackers upload malicious files, potentially leading to remote code execution.
Severity & Score
Impact
Remote authenticated attackers can upload malicious files, potentially leading to remote code execution and full system compromise.
Mitigation
Upgrade to version 8.1.0 alpha or later.
References
Social Media Activity(2 posts)
š CVE-2025-60947 - High (8.8) Census CSWeb 8.0.1 allows arbitrary file upload. A remote, authenticated attacker could upload a malicious file, possibly leading to remote code execution. Fixed in 8.1.0 alpha. š https://www.thehackerwire.com/vulnerability/CVE-2025-60947/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original post
š CVE-2025-60947 - High (8.8) Census CSWeb 8.0.1 allows arbitrary file upload. A remote, authenticated attacker could upload a malicious file, possibly leading to remote code execution. Fixed in 8.1.0 alpha. š https://www.thehackerwire.com/vulnerability/CVE-2025-60947/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
View original postRelated Resources
Details
- CVE ID
- CVE-2025-60947
- Severity
- High
- CVSS Score
- 8.8
- Type
- unrestricted_file_upload
- Status
- new
- EPSS
- 0.0%
- Social Posts
- 2
CWE
- CWE-434
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H