8.1

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2025-23209

GHSA ID

GHSA-x684-96hh-833x

EPSS Score

0.88229%

CWE

CWE-94

Published

1/21/2025

Updated

1/21/2025

KEV Status

Yes

Technology

PHP

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2025-23209

CVE-2025-23209: Craft CMS has a potential RCE with a compromised security key

Impact

This is an RCE vulnerability that affects Craft 4 and 5 installs where your security key has already been compromised.

https://craftcms.com/knowledge-base/securing-craft#keep-your-secrets-secret

Anyone running an unpatched version of Craft with a compromised security key is affected.

Patches

This has been patched in Craft 5.5.8 and 4.13.8.

Workarounds

If you can't update to a patched version, then rotating your security key and ensuring its privacy will help to migitgate the issue.

References

https://github.com/craftcms/cms/commit/e59e22b30c9dd39e5e2c7fe02c147bcbd004e603

(GitHub Advisory)

Miggo Vulnerability Database

→

CVE-2025-23209

CVE-2025-23209:

8.1

CVSS Score

3.1

-

CVSS Score

Basic Information

CVE ID

CVE-2025-23209

GHSA ID

GHSA-x684-96hh-833x

EPSS Score

0.88229%

CWE

CWE-94

Published

1/21/2025

Updated

1/21/2025

KEV Status

Yes

Technology

PHP

Basic Information

CVE ID

GHSA ID

EPSS Score

CWE

Published

Updated

KEV Status

Technology

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
craftcms/cms	composer	>= 5.0.0-RC1, < 5.5.5	5.5.8
craftcms/cms	composer	>= 4.0.0-RC1, < 4.13.8	4.13.8

Technical Details

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from insufficient validation in the database restoration process. The commit diff shows added path validation using FileHelper::isWithin, indicating the original code accepted user-controlled 'dbBackupPath' without checks. With a compromised security key, attackers could forge signed requests to execute arbitrary code through malicious database restore operations. The CWE-94 classification and patch context confirm this is a code injection vector via uncontrolled path input.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.W** rul*s *v*il**l* *or Mi**o *ustom*rs only.

Reasoning

*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.*v*il**l* *or Mi**o *ustom*rs only.

8.1

-

Basic Information

Basic Information

Concerned about an active attack path?

CVE-2025-23209: Craft CMS has a potential RCE with a compromised security key

Impact

Patches

Workarounds

References

CVE-2025-23209:

8.1

-

Basic Information

Basic Information

Technical Details

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability IntelligenceMiggo AI

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

CVE-2025-23209: Craft CMS has a potential RCE with a compromised security key

Impact

Patches

Workarounds

References

8.1

8.1

Basic Information

Basic Information

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI

Vulnerability Intelligence
Miggo AI