CVE-2025-53833 (GCVE-0-2025-53833)
Vulnerability from cvelistv5
Published
2025-07-14 22:56
Modified
2025-07-15 19:49
Severity ?
10.0 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
CWE
  • CWE-1336 - Improper Neutralization of Special Elements Used in a Template Engine
Summary
LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side Template Injection (SSTI), which could potentially lead to Remote Code Execution (RCE) in vulnerable configurations. Attackers could execute arbitrary commands on the server, access sensitive environment variables, and/or escalate access depending on server configuration. Users are strongly advised to upgrade to version v2.8.1 or later to receive a patch.
References
security-advisories@github.comhttps://github.com/saleem-hadad/larecipe/commit/c1d0d56889655ce5f2645db5acf0e78d5fc3b36b
security-advisories@github.comhttps://github.com/saleem-hadad/larecipe/pull/390
security-advisories@github.comhttps://github.com/saleem-hadad/larecipe/security/advisories/GHSA-jv7x-xhv2-p5v2
Impacted products
Vendor Product Version
saleem-hadad larecipe Version: < 2.8.1
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-53833",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-15T13:48:08.238989Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-15T19:49:32.713Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "larecipe",
          "vendor": "saleem-hadad",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 2.8.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side Template Injection (SSTI), which could potentially lead to Remote Code Execution (RCE) in vulnerable configurations. Attackers could execute arbitrary commands on the server, access sensitive environment variables, and/or escalate access depending on server configuration. Users are strongly advised to upgrade to version v2.8.1 or later to receive a patch."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1336",
              "description": "CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-14T22:56:38.957Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/saleem-hadad/larecipe/security/advisories/GHSA-jv7x-xhv2-p5v2",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/saleem-hadad/larecipe/security/advisories/GHSA-jv7x-xhv2-p5v2"
        },
        {
          "name": "https://github.com/saleem-hadad/larecipe/pull/390",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/saleem-hadad/larecipe/pull/390"
        },
        {
          "name": "https://github.com/saleem-hadad/larecipe/commit/c1d0d56889655ce5f2645db5acf0e78d5fc3b36b",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/saleem-hadad/larecipe/commit/c1d0d56889655ce5f2645db5acf0e78d5fc3b36b"
        }
      ],
      "source": {
        "advisory": "GHSA-jv7x-xhv2-p5v2",
        "discovery": "UNKNOWN"
      },
      "title": "LaRecipe is vulnerable to Server-Side Template Injection attacks"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-53833",
    "datePublished": "2025-07-14T22:56:38.957Z",
    "dateReserved": "2025-07-09T14:14:52.531Z",
    "dateUpdated": "2025-07-15T19:49:32.713Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-53833\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-07-14T23:15:24.710\",\"lastModified\":\"2025-07-15T13:14:24.053\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side Template Injection (SSTI), which could potentially lead to Remote Code Execution (RCE) in vulnerable configurations. Attackers could execute arbitrary commands on the server, access sensitive environment variables, and/or escalate access depending on server configuration. Users are strongly advised to upgrade to version v2.8.1 or later to receive a patch.\"},{\"lang\":\"es\",\"value\":\"LaRecipe es una aplicaci\u00f3n que permite a los usuarios crear documentaci\u00f3n con Markdown dentro de una aplicaci\u00f3n Laravel. Las versiones anteriores a la 2.8.1 son vulnerables a la inyecci\u00f3n de plantillas del lado del servidor (SSTI), lo que podr\u00eda provocar la ejecuci\u00f3n remota de c\u00f3digo (RCE) en configuraciones vulnerables. Los atacantes podr\u00edan ejecutar comandos arbitrarios en el servidor, acceder a variables de entorno sensibles o escalar el acceso seg\u00fan la configuraci\u00f3n del servidor. Se recomienda encarecidamente a los usuarios actualizar a la versi\u00f3n 2.8.1 o posterior para recibir un parche.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":10.0,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-1336\"}]}],\"references\":[{\"url\":\"https://github.com/saleem-hadad/larecipe/commit/c1d0d56889655ce5f2645db5acf0e78d5fc3b36b\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/saleem-hadad/larecipe/pull/390\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://github.com/saleem-hadad/larecipe/security/advisories/GHSA-jv7x-xhv2-p5v2\",\"source\":\"security-advisories@github.com\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-53833\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-15T13:48:08.238989Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-15T13:25:47.267Z\"}}], \"cna\": {\"title\": \"LaRecipe is vulnerable to Server-Side Template Injection attacks\", \"source\": {\"advisory\": \"GHSA-jv7x-xhv2-p5v2\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 10, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"saleem-hadad\", \"product\": \"larecipe\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2.8.1\"}]}], \"references\": [{\"url\": \"https://github.com/saleem-hadad/larecipe/security/advisories/GHSA-jv7x-xhv2-p5v2\", \"name\": \"https://github.com/saleem-hadad/larecipe/security/advisories/GHSA-jv7x-xhv2-p5v2\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/saleem-hadad/larecipe/pull/390\", \"name\": \"https://github.com/saleem-hadad/larecipe/pull/390\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/saleem-hadad/larecipe/commit/c1d0d56889655ce5f2645db5acf0e78d5fc3b36b\", \"name\": \"https://github.com/saleem-hadad/larecipe/commit/c1d0d56889655ce5f2645db5acf0e78d5fc3b36b\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"LaRecipe is an application that allows users to create documentation with Markdown inside a Laravel app. Versions prior to 2.8.1 are vulnerable to Server-Side Template Injection (SSTI), which could potentially lead to Remote Code Execution (RCE) in vulnerable configurations. Attackers could execute arbitrary commands on the server, access sensitive environment variables, and/or escalate access depending on server configuration. Users are strongly advised to upgrade to version v2.8.1 or later to receive a patch.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-1336\", \"description\": \"CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-07-14T22:56:38.957Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-53833\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-15T19:49:32.713Z\", \"dateReserved\": \"2025-07-09T14:14:52.531Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-07-14T22:56:38.957Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.