CVE-2025-2304: Camaleon CMS Privilege Escalation

9.4 CVSS

Description

A Privilege Escalation through a Mass Assignment exists in Camaleon CMS

When a user wishes to change his password, the 'updated_ajax' method of the UsersController is called. The vulnerability stems from the use of the dangerous permit! method, which allows all parameters to pass through without any filtering.

Classification

CVE ID: CVE-2025-2304

CVSS Base Severity: CRITICAL

CVSS Base Score: 9.4

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Problem Types

CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes

Affected Products

Vendor: owen2345

Product: camaleon-cms

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.06% (probability of being exploited)

EPSS Percentile: 14.64% (scored less or equal to compared to others)

EPSS Date: 2025-04-12 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-2304
https://www.tenable.com/security/research/tra-2025-09
https://github.com/owen2345/camaleon-cms

Timeline

2025-03-14 13:40:22 UTC
CVE

Camaleon CMS Privilege Escalation
2025-03-17 15:15:30 UTC
Github Advisory Database (RubyGems)

[camaleon_cms] Camaleon CMS Vulnerable to Privilege Escalation through a Mass Assignment