CVE-2025-1862

Authenticated Arbitrary File Upload in Multiple WSO2 Products via BPEL Uploader SOAP Service Leading to Remote Code Execution

Description

An arbitrary file upload vulnerability exists in multiple WSO2 products due to improper validation of user-supplied filenames in the BPEL uploader SOAP service endpoint. A malicious actor with administrative privileges can upload arbitrary files to a user-controlled location on the server. By leveraging this vulnerability, an attacker can upload a specially crafted payload and achieve remote code execution (RCE), potentially compromising the server and its data.

INFO

Published Date :

2025-09-26T08:18:21.708Z

Last Modified :

2026-02-26T17:47:54.925Z

Source :

WSO2

AFFECTED PRODUCTS

The following products are affected by CVE-2025-1862 vulnerability.

Vendors	Products
Wso2	Enterprise Integrator Identity Server Identity Server As Key Manager Open Banking Iam

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-1862.

URL	Resource
https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-3992/

CVSS Vulnerability Scoring System

V3.1

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality Impact

Integrity Impact

Availability Impact