CVE-2025-34300 - Vulnerability Details - OpenCVE

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Attack Requirements None

User Interaction None

Vulnerable System Confidentiality Impact High

Vulnerable System Integrity Impact High

Vulnerable System Availability Impact High

Subsequent System Confidentiality Impact High

Subsequent System Integrity Impact High

Subsequent System Availability Impact High

No CVSS v3.1

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation poc

Automatable yes

Technical Impact total

No data.

No data.

No data.

References

Link	Providers
https://sawtoothsoftware.com/resources/software-downloads/lighthouse-studio
https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/

History

Wed, 16 Jul 2025 15:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Wed, 16 Jul 2025 13:15:00 +0000

Type	Values Removed	Values Added
Description		A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl http://ciwweb.pl/ Perl web application. Exploitation allows an unauthenticated attacker can execute arbitrary commands.
Title		Sawtooth Software Lighthouse Studio < 9.16.14 Pre-Authentication RCE
Weaknesses		CWE-1336 CWE-20
References		https://sawtoothsoftware.com/resources/software-downloads/lighthouse-studio https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/
Metrics		cvssV4_0 `{'score': 10, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H'}`

MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published: 2025-07-16T12:57:27.400Z

Updated: 2025-07-16T14:38:49.945Z

Reserved: 2025-04-15T19:15:22.582Z

Link: CVE-2025-34300

Vulnrichment

Updated: 2025-07-16T14:27:24.292Z

NVD

Status : Awaiting Analysis

Published: 2025-07-16T13:15:23.823

Modified: 2025-07-16T15:15:26.410

Link: CVE-2025-34300

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-34300", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-04-15T19:15:22.582Z", "datePublished": "2025-07-16T12:57:27.400Z", "dateUpdated": "2025-07-16T14:38:49.945Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["ciwweb.pl"], "product": "Lighthouse Studio", "vendor": "Sawtooth Software", "versions": [{"lessThan": "9.16.14", "status": "affected", "version": "*", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Adam Kues - Assetnote"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>A template injection vulnerability exists in <span style=\"background-color: rgb(255, 255, 255);\">Sawtooth Software\u2019s Lighthouse Studio versions prior to 9.16.14 via the</span> <a target=\"_blank\" rel=\"nofollow\" href=\"http://ciwweb.pl/\">ciwweb.pl</a> Perl web application. Exploitation allows an <span style=\"background-color: rgb(255, 255, 255);\">unauthenticated attacker can execute arbitrary commands.</span></div>"}], "value": "A template injection vulnerability exists in Sawtooth Software\u2019s Lighthouse Studio versions prior to 9.16.14 via the\u00a0 ciwweb.pl http://ciwweb.pl/ \u00a0Perl web application. Exploitation allows an\u00a0unauthenticated attacker can execute arbitrary commands."}], "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "CAPEC-242 Code Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 10, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-1336", "description": "CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-07-16T12:57:27.400Z"}, "references": [{"tags": ["product", "patch"], "url": "https://sawtoothsoftware.com/resources/software-downloads/lighthouse-studio"}, {"tags": ["technical-description"], "url": "https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/"}], "source": {"discovery": "UNKNOWN"}, "title": "Sawtooth Software Lighthouse Studio < 9.16.14 Pre-Authentication RCE", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"references": [{"url": "https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/", "tags": ["exploit"]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-16T14:27:13.741661Z", "id": "CVE-2025-34300", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-16T14:38:49.945Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-34300", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-04-15T19:15:22.582Z", "datePublished": "2025-07-16T12:57:27.400Z", "dateUpdated": "2025-07-16T14:38:49.945Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["ciwweb.pl"], "product": "Lighthouse Studio", "vendor": "Sawtooth Software", "versions": [{"lessThan": "9.16.14", "status": "affected", "version": "*", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Adam Kues - Assetnote"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>A template injection vulnerability exists in <span style=\"background-color: rgb(255, 255, 255);\">Sawtooth Software\u2019s Lighthouse Studio versions prior to 9.16.14 via the</span> <a target=\"_blank\" rel=\"nofollow\" href=\"http://ciwweb.pl/\">ciwweb.pl</a> Perl web application. Exploitation allows an <span style=\"background-color: rgb(255, 255, 255);\">unauthenticated attacker can execute arbitrary commands.</span></div>"}], "value": "A template injection vulnerability exists in Sawtooth Software\u2019s Lighthouse Studio versions prior to 9.16.14 via the\u00a0 ciwweb.pl http://ciwweb.pl/ \u00a0Perl web application. Exploitation allows an\u00a0unauthenticated attacker can execute arbitrary commands."}], "impacts": [{"capecId": "CAPEC-242", "descriptions": [{"lang": "en", "value": "CAPEC-242 Code Injection"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 10, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-20", "description": "CWE-20 Improper Input Validation", "lang": "en", "type": "CWE"}]}, {"descriptions": [{"cweId": "CWE-1336", "description": "CWE-1336 Improper Neutralization of Special Elements Used in a Template Engine", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-07-16T12:57:27.400Z"}, "references": [{"tags": ["product", "patch"], "url": "https://sawtoothsoftware.com/resources/software-downloads/lighthouse-studio"}, {"tags": ["technical-description"], "url": "https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/"}], "source": {"discovery": "UNKNOWN"}, "title": "Sawtooth Software Lighthouse Studio < 9.16.14 Pre-Authentication RCE", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-34300", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-16T14:27:13.741661Z"}}}], "references": [{"url": "https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/", "tags": ["exploit"]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-16T14:27:24.292Z"}}]}}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A template injection vulnerability exists in Sawtooth Software\u2019s Lighthouse Studio versions prior to 9.16.14 via the\u00a0 ciwweb.pl http://ciwweb.pl/ \u00a0Perl web application. Exploitation allows an\u00a0unauthenticated attacker can execute arbitrary commands."}], "id": "CVE-2025-34300", "lastModified": "2025-07-16T15:15:26.410", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 10.0, "baseSeverity": "CRITICAL", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-07-16T13:15:23.823", "references": [{"source": "[email protected]", "url": "https://sawtoothsoftware.com/resources/software-downloads/lighthouse-studio"}, {"source": "[email protected]", "url": "https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/"}, {"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "url": "https://slcyber.io/assetnote-security-research-center/rce-in-the-most-popular-survey-software-youve-never-heard-of/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}, {"lang": "en", "value": "CWE-1336"}], "source": "[email protected]", "type": "Secondary"}]}