We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2025-54366

FreeScout's deserialization of untrusted data leads to Remote Code Execution



Description

FreeScout is a lightweight free open source help desk and shared inbox built with PHP (Laravel framework). In versions 1.8.185 and below, there is a critical deserialization vulnerability in the /conversation/ajax endpoint that allows authenticated users with knowledge of the APP_KEY to achieve remote code execution. The vulnerability occurs when the application processes the attachments_all and attachments POST parameters through the insecure Helper::decrypt() function, which performs unsafe deserialization of user-controlled data without proper validation. This flaw enables attackers to create arbitrary objects and manipulate their properties, leading to complete compromise of the web application. This is fixed in version 1.8.186.

Reserved 2025-07-21 | Published 2025-07-26 | Updated 2025-07-26 | Assigner GitHub_M


HIGH: 8.6CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-502: Deserialization of Untrusted Data

Product status

< 1.8.186
affected

References

github.com/...escout/security/advisories/GHSA-vcc2-6r66-gvvj

github.com/...ommit/9669c57f1ddbee896752d9e16270abfd97b20eb9

cve.org (CVE-2025-54366)

nvd.nist.gov (CVE-2025-54366)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2025-54366

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.