PT-2026-6602 · Unknown · Chestnutcms

Published

2026-02-05

·

Updated

2026-02-06

·

CVE-2025-70073

CVSS v3.1

7.2

High

VectorAV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions ChestnutCMS versions prior to 1.5.9
Description An issue allows a remote attacker to execute arbitrary code via the template creation function.
Recommendations Update to version 1.5.9 or later.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2025-70073

Affected Products

Chestnutcms