{"id":64175,"date":"2025-08-19T19:58:46","date_gmt":"2025-08-19T19:58:46","guid":{"rendered":""},"modified":"2025-10-01T12:13:51","modified_gmt":"2025-10-01T18:13:51","slug":"cve-2025-8913-critical-local-file-inclusion-vulnerability-in-wellchoose-s-organization-portal-system","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-8913-critical-local-file-inclusion-vulnerability-in-wellchoose-s-organization-portal-system\/","title":{"rendered":"<strong>CVE-2025-8913: Critical Local File Inclusion Vulnerability in WellChoose&#8217;s Organization Portal System<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>The vulnerability CVE-2025-8913 is a high-risk security flaw that exists in the Organization Portal System developed by WellChoose. This vulnerability, classified as a Local File Inclusion (LFI) type, allows unauthenticated remote attackers to execute arbitrary code on the server. Given the high CVSS score of 9.8, it is crucial for businesses using this <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-54788-sql-injection-vulnerability-in-suitecrm-leading-to-potential-system-compromise-or-data-leakage\/\"  data-wpil-monitor-id=\"80217\">system<\/a> to take immediate action to protect their sensitive data and system integrity.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-8913<br \/>\nSeverity: Critical (9.8 CVSS v3)<br \/>\nAttack Vector: Network<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: None<br \/>\nImpact: <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-27050-memory-corruption-vulnerability-leading-to-potential-system-compromise-and-data-leakage\/\"  data-wpil-monitor-id=\"74956\">Potential system compromise or data<\/a> leakage<\/p>\n<p><strong>Affected Products<\/strong><\/p>\n<p>Product | Affected Versions<\/p>\n<p>WellChoose Organization Portal System | All <a 
href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-55010-arbitrary-php-object-instantiation-in-kanboard-prior-to-version-1-2-47\/\"  data-wpil-monitor-id=\"77924\">versions prior<\/a> to patch<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The WellChoose Organization Portal System contains a flaw that allows a remote attacker to include and execute <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-52239-arbitrary-file-upload-vulnerability-in-zkeacms-v4-1\/\"  data-wpil-monitor-id=\"74551\">arbitrary local files<\/a> on the server. This is <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-40743-unauthorized-vnc-access-in-sinumerik-systems-due-to-insufficient-password-verification\/\"  data-wpil-monitor-id=\"80332\">due to insufficient<\/a> sanitization of user-supplied input. An attacker can easily manipulate the input to point to any file on the server, <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-47168-use-after-free-vulnerability-in-microsoft-office-word-allowing-unauthorized-code-execution\/\"  data-wpil-monitor-id=\"73199\">allowing them to execute arbitrary PHP code<\/a>. Given that no authentication is required, the attacker can <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-9866-google-chrome-extensions-content-security-policy-bypass-vulnerability\/\"  data-wpil-monitor-id=\"86615\">bypass any security<\/a> measures in place and execute their payload undetected.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p>\n<p>Here is a conceptual example of how an attacker might exploit this vulnerability. 
The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2024-9408-server-side-request-forgery-attack-in-eclipse-glassfish\/\"  data-wpil-monitor-id=\"77383\">attacker sends a malicious HTTP request<\/a> that contains the path to a file they want to include:<\/p>\n<pre><code class=\"\" data-line=\"\">GET \/index.php?file=..\/..\/..\/..\/etc\/passwd HTTP\/1.1\nHost: vulnerable-website.com<\/code><\/pre>\n<p>In this example, the <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-25268-unauthenticated-adjacent-attacker-accessing-api-endpoint\/\"  data-wpil-monitor-id=\"77706\">attacker attempts to access<\/a> the <code>\/etc\/passwd<\/code> file &#8211; a standard file on Unix-like operating systems that contains essential details about each user registered on the system. If successful, the attacker could view sensitive information or even include malicious <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-50754-stored-cross-site-scripting-xss-vulnerability-leading-to-remote-code-execution-in-unisite-cms-5-0\/\"  data-wpil-monitor-id=\"74673\">scripts for execution<\/a>.<\/p>\n<p><strong>Mitigation<\/strong><\/p>\n<p>To mitigate this vulnerability, it is strongly recommended to apply the latest vendor patch released by WellChoose. Until the patch can be applied, a temporary mitigation strategy could involve using a Web Application Firewall (WAF) or an Intrusion Detection System (IDS) to detect and prevent exploitation attempts. Additionally, ensure that your systems are always updated, and follow best practices for secure <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-30327-integer-overflow-vulnerability-in-incopy-leading-to-potential-arbitrary-code-execution\/\"  data-wpil-monitor-id=\"73682\">coding to prevent similar vulnerabilities<\/a> in the future.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview The vulnerability CVE-2025-8913 is a high-risk security flaw that exists in the Organization Portal System developed by WellChoose. 
This vulnerability, classified as a Local File Inclusion (LFI) type, allows unauthenticated remote attackers to execute arbitrary code on the server. Given the high CVSS score of 9.8, it is crucial for businesses using this system [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-64175","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/64175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=64175"}],"version-history":[{"count":11,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/64175\/revisions"}],"predecessor-version":[{"id":79455,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/64175\/revisions\/79455"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=64175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=64175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=64175"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=64175"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2
\/product?post=64175"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=64175"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=64175"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=64175"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=64175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}