CVE-2025-6335

Name of the Vulnerable Software and Affected Versions DedeCMS versions up to 5.7.2

Description A critical vulnerability was found in DedeCMS affecting the Template Handler component. The issue resides in some unknown processing of the file /include/dedetag.class.php. Manipulation of the argument notes leads to command injection, and the attack can be initiated remotely. The exploit has been disclosed to the public and may be used.

Recommendations DedeCMS versions prior to 5.7.2: At the moment, there is no information about a newer version that contains a fix for this vulnerability.