Remote Code Execution Vulnerability in Moodle LMS - Moodle
CVE-2025-3641

8.8HIGH

Key Information:

Vendor: Moodle
Status
Vendor: CVE Published:; 25 April 2025

What is CVE-2025-3641?

A security flaw has been identified in Moodle LMS that allows for remote code execution through the Dropbox repository feature. This vulnerability is primarily accessible to users with teacher or manager roles when the Dropbox repository is enabled. This poses significant risks to the integrity and security of the affected Moodle installations, as it may allow unauthorized actions by exploiting this flaw.

References

https://access.redhat.com/security/cve/CVE-2025-3641

vdb-entryx_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=2359735

issue-trackingx_refsource_REDHAT

https://moodle.org/mod/forum/discuss.php?d=467602

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 25, 2025
Vulnerability Reserved
Apr 15, 2025

Credit

Red Hat would like to thank Vincent Schneider for reporting this issue.