CVE-2026-32985 - Vulnerability Analysis
Critical | CVSS: 9.8 | Last Updated: March 20, 2026
Xerte Online Toolkits - Remote Code Execution
Overview
Xerte Online Toolkits <= 3.14 contains an unauthenticated arbitrary file upload vulnerability caused by missing authentication checks in template import functionality, letting unauthenticated attackers upload malicious PHP files and achieve remote code execution.
Impact
Unauthenticated attackers can upload malicious PHP files and execute arbitrary code on the web server, leading to full server compromise.
Mitigation
Update to a version later than 3.14 or the latest available version.
Social Media Activity (2 posts)
🔴 CRITICAL: CVE-2026-32985 in Xerte Online Toolkits ≤3.14 lets attackers upload PHP via import.php and gain RCE — no auth needed! Patch ASAP or restrict access, disable PHP in user dirs. Details: https://radar.offseq.com/threat/cve-2026-32985-cwe-306-missing-authentication-for--04629a96 #OffSeq #CVE202632985 #infosec #RCE
🔴 CRITICAL: CVE-2026-32985 in Xerte Online Toolkits ≤3.14 lets attackers upload PHP via import.php and gain RCE — no auth needed! Patch ASAP or restrict access, disable PHP in user dirs. Details: https://radar.offseq.com/threat/cve-2026-32985-cwe-306-missing-authentication-for--04629a96 #OffSeq #CVE202632985 #infosec #RCE
Details
- CVE ID: CVE-2026-32985
- Severity: Critical
- CVSS Score: 9.8
- Type: unrestricted_file_upload
- Status: new
- EPSS: 0.0%
- Social Posts: 2
CWE
- CWE-306
CVSS Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H