CVE-2025-24801

CVSSv4: NA | CVSSv3: 8.5 | CVSSv2: NA | VMScore: 950 | EPSS: 0.0003 | KEV: Not Included
Published: 18/03/2025 Updated: 18/03/2025

Vulnerability Summary

Authenticated Remote Code Execution in GLPI Web Application via PHP File Upload

GLPI is a free asset and IT management software package. An authenticated user can upload and force the execution of *.php files located on the GLPI server. This vulnerability is fixed in 10.0.18.

Vulnerable Product

glpi-project glpi

Github Repositories

CVE-2025-24801: This exploit uses CVE-2025-24801 to get Remote Code Execution (RCE) via Local File Inclusion (LFI) at GLPI 10.0.17. Proof of Concept (PoC) of this CVE with an explanation of this vulnerability in GLPI. Usage: `python3 cve-2025-24801.py --url 1721611130:8080 --username glpi --password password`. If you a

CVE-2025-24801 Exploit

CVE-2025-24801 PoC for GLPI RCE: This repository contains a proof-of-concept script (poc.py) that exploits CVE-2025-24801, an LFI-to-RCE vulnerability in GLPI 10.0.17. It automates: logging into GLPI; enabling PHP uploads by updating document type settings; uploading a PHP reverse shell via the AJAX file upload endpoint; (manual) triggering the LFI via PDF font include to execute