ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers
EXECUTIVE SUMMARY
Critical RCE Vulnerability in ShowDoc Actively Exploited
Summary
A critical remote code execution (RCE) vulnerability in ShowDoc, a document management and collaboration service, is being actively exploited. The flaw, identified as CVE-2025-0520, poses a significant threat to unpatched servers.
Key Points
- CVE-2025-0520, also known as CNVD-2020-26585, is a critical vulnerability with a CVSS score of 9.4.
- The vulnerability is an unrestricted file upload caused by improper validation.
- ShowDoc is a popular service in China, increasing the risk of widespread exploitation.
- The vulnerability is currently being actively exploited in the wild.
Analysis
The active exploitation of CVE-2025-0520 highlights the urgent need for organizations using ShowDoc to apply patches. Rated 9.4 on the CVSS scale, the vulnerability allows attackers to execute arbitrary code, potentially leading to full system compromise. Because ShowDoc is popular in China, many organizations could be at risk if they have not yet addressed this issue.
Conclusion
IT professionals managing ShowDoc installations should immediately apply any available patches to mitigate the risk of exploitation. Regularly reviewing and updating security measures is crucial to protect against such critical vulnerabilities.