Census CSWeb 8.0.1 Arbitrary File Upload Vulnerability
A remote, authenticated attacker can exploit an arbitrary file upload vulnerability in Census CSWeb 8.0.1 (CVE-2025-60947) to upload malicious files, potentially leading to remote code execution.
Census CSWeb 8.0.1 contains an arbitrary file upload vulnerability (CVE-2025-60947). An authenticated attacker can use it to upload malicious files to the server, and successful exploitation could lead to remote code execution on the targeted system. The vulnerability was patched in version 8.1.0 alpha. This poses a significant risk to organizations using the affected CSWeb version, potentially leading to data breaches, system compromise, and…
Detection coverage: 2
Detect Suspicious File Uploads via Webserver Logs
high: Detects attempts to upload files with suspicious extensions via web server logs.
Detect Web Shell Uploads
high: Detects potential web shell uploads by monitoring for POST requests with common web shell file extensions and a 200 OK response.
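Both detections described above can be sketched over Combined Log Format access logs. This is an added example, not the platform's rules or CSWeb code; the extension list, the `known_paths` allowlist, and the `/upload` and `/index.php` paths in the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import unquote, urlsplit

# Assumption: extensions this server would execute; tune to the deployed stack.
SCRIPT_EXTS = {"php", "phtml", "php5", "phar", "jsp", "jspx", "asp", "aspx"}

# Combined Log Format: src ident user [time] "METHOD URI PROTO" status bytes ...
LOG_RE = re.compile(r'^(?P<src>\S+) \S+ \S+ \[[^\]]+\] '
                    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) ')

def script_names(uri, known_paths=frozenset()):
    """File names in the path or query string that carry a script extension."""
    parts = urlsplit(uri)
    # The application's own script endpoints (allowlist) are not uploads.
    path = "" if parts.path in known_paths else parts.path
    # Decode twice so double encoding (%252E) cannot hide the dot; drop NULs.
    text = unquote(unquote(path + "&" + parts.query)).replace("\x00", "")
    hits = []
    for token in re.split(r"[/&=;\\]", text):
        labels = token.lower().rstrip(". ").split(".")
        # Check every label after the first, so x.php.jpg is still caught.
        if any(label in SCRIPT_EXTS for label in labels[1:]):
            hits.append(token)
    return hits

def classify(line, known_paths=frozenset()):
    """Return a finding dict for an upload-like request, or None."""
    m = LOG_RE.match(line)
    if not m or m["method"] not in ("POST", "PUT"):
        return None
    names = script_names(m["uri"], known_paths)
    if not names:
        return None
    confirmed = m["method"] == "POST" and m["status"] == "200"
    rule = "web_shell_upload" if confirmed else "suspicious_upload_attempt"
    return {"rule": rule, "src": m["src"], "status": int(m["status"]), "names": names}

# Constructed sample lines; /upload and /index.php are placeholders, not CSWeb routes.
_T = '[10/Oct/2025:13:55:36 +0000]'
SAMPLE = [
    f'203.0.113.7 - alice {_T} "POST /upload?name=report.csv HTTP/1.1" 200 512',
    f'203.0.113.7 - alice {_T} "POST /upload?name=x.PhP HTTP/1.1" 200 512',
    f'203.0.113.7 - alice {_T} "POST /upload?name=x%252Ephp.jpg HTTP/1.1" 403 98',
    f'203.0.113.7 - alice {_T} "GET /files/x.php HTTP/1.1" 200 40',
    f'198.51.100.4 - bob {_T} "POST /index.php?page=2 HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(classify(entry, known_paths={"/index.php"}))
```

Access logs do not record multipart request bodies, so a file name sent only in the body is invisible to this check; pair it with monitoring for new script files appearing in the upload directory.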