CVE-2023-53885

UNKNOWN 0.0

Webutler v3.2 Remote Code Execution via Arbitrary File Upload

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Webutler v3.2 contains a remote code execution vulnerability that allows authenticated administrators to upload PHP files with system command execution. Attackers can upload a PHAR file with embedded system commands to the media browser and execute arbitrary commands by accessing the uploaded file.

CWE	CWE-434
Vendor	webutler
Product	webutler
Published	Dec 15, 2025
Last Updated	Apr 7, 2026

Stay Ahead of the Next One

Get instant alerts for webutler webutler

Be the first to know when new unknown vulnerabilities affecting webutler webutler are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Webutler / Webutler

3.2

References

NVD ↗ CVE.org ↗ EPSS Data ↗

exploit-db.com: https://www.exploit-db.com/exploits/51660 webutler.de: https://webutler.de/en vulncheck.com: https://www.vulncheck.com/advisories/webutler-v-remote-code-execution-via-arbitrary-file-upload

Credits

Mirabbas Ağalarov