PT-2025-17927 · Craft · Craft
Nicolas Bourras +2
Published 2025-04-25 · Updated 2025-07-24
CVE-2025-32432
Base score: 10 (Critical)
Base vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
Craft CMS versions 3.0.0-RC1 through 3.9.14
Craft CMS versions 4.0.0-RC1 through 4.14.14
Craft CMS versions 5.0.0-RC1 through 5.6.16
Description:
This is a remote code execution vulnerability in Craft CMS that allows unauthenticated attackers to execute arbitrary code on the server. The vulnerability has been exploited in the wild: approximately 13,000 instances are vulnerable and around 300 have already been compromised. Attackers use it to deploy cryptominers and proxyware, generating revenue through cryptocurrency mining and proxy services. The vulnerability is rated high-impact and low-complexity, so it is easy to exploit.
Recommendations:
Update to Craft CMS version 3.9.15 or later
Update to Craft CMS version 4.14.15 or later
Update to Craft CMS version 5.6.17 or later
As a temporary workaround, consider disabling any unnecessary plugins or modules to minimize the risk of exploitation.
Tags: Exploit, Fix, RCE, Code Injection
References (147)
- https://sensepost.com/blog/2025/investigating-an-in-the-wild-campaign-using-rce-in-craftcms · Exploit
- https://github.com/craftcms/cms/commit/e1c85441fa47eeb7c688c2053f25419bc0547b47 · Patch
- https://osv.dev/vulnerability/CVE-2025-32432 · Vendor Advisory
- https://bdu.fstec.ru/vul/2025-06516 · Security Note
- https://osv.dev/vulnerability/GHSA-f3gw-9ww9-jmc3 · Vendor Advisory
- https://nvd.nist.gov/vuln/detail/CVE-2025-32432 · Security Note
- https://github.com/craftcms/cms/security/advisories/GHSA-f3gw-9ww9-jmc3 · Note
- https://github.com/craftcms/cms/blob/5.x/CHANGELOG.md#5617---2025-04-10-critical · Note
- https://github.com/craftcms/cms/blob/4.x/CHANGELOG.md#41415---2025-04-10-critical · Note
- https://github.com/craftcms/cms/blob/3.x/CHANGELOG.md#3915---2025-04-10-critical · Note
- https://github.com/craftcms/cms · Note
- https://github.com/craftcms/cms/security/advisories/GHSA-4w8r-3xrw-v25g · Note
- https://twitter.com/SmarterMSP/status/1919827762040189401 · Twitter Post
- https://twitter.com/syedaquib77/status/1916829630545494512 · Twitter Post
- https://t.me/c/1233397458/60297 · Telegram Post