-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AIMiggo AIRoot Cause AnalysisThe vulnerability, CVE-2025-43750, is an unrestricted file upload issue in Liferay Portal. The analysis of the provided patches, specifically commit 7f58439723c8373e038d5060d0bc58ff2475bdc5, reveals that the root cause is a missing MIME type validation when a guest user uploads a file through a form.
The primary vulnerable function is com.liferay.dynamic.data.mapping.form.web.internal.portlet.action.DDMFormUploadFileEntryHandler.upload. This function is responsible for handling the file upload itself. The patch adds a crucial validation step by calling _dlValidator.validateFileMimeType(). Before this change, the function would accept files without checking their MIME type, allowing an attacker to upload potentially malicious files (e.g., a web shell) by simply changing the file extension to an allowed one while the actual content remains dangerous.
The second identified function, com.liferay.dynamic.data.mapping.form.web.internal.portlet.action.UploadFileEntryMVCActionCommand.doProcessAction, is the MVC action command that gets triggered by the user's request to upload a file. This function orchestrates the process and ultimately calls the vulnerable upload method. Therefore, it is a key runtime indicator that would appear in a profiler or stack trace during exploitation.
The fix is confirmed by the test commit b9e57377cb88bad1775beab50558cc2bd5a9758e, which adds an integration test to ensure that uploads with invalid MIME types are correctly blocked.
In summary, a security engineer should monitor for executions of DDMFormUploadFileEntryHandler.upload and its caller UploadFileEntryMVCActionCommand.doProcessAction as indicators of potential exploitation of this vulnerability in unpatched Liferay Portal versions.
| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.liferay:com.liferay.dynamic.data.mapping.form.web | maven | < 4.0.180 | 4.0.180 |