Code Execution Vulnerability in SIGB PMB by SIGB
CVE-2025-61168

9.8CRITICAL

Key Information:

Vendor: SIGB
Status: SIGB PMB
Vendor: CVE Published:; 25 November 2025

What is CVE-2025-61168?

A security issue in the cms_rest.php component of SIGB PMB v8.0.1.14 enables attackers to exploit unsafe unserialization of files, leading to potential arbitrary code execution on the server. This vulnerability can be exploited if an attacker sends crafted input to the application, allowing them to achieve unauthorized actions or access sensitive data.

References

http://pmb.com

http://sigb.com

https://gist.github.com/ZanyMonk/446f6875a2ceb3decef5ff11...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 25, 2025
Vulnerability Reserved
Sep 26, 2025

JSON