Vulnerability Management, Patch/Configuration Management

ShowDoc vulnerability actively exploited

Laptop computer displaying data breach warning, highlighting cyber security threats and vulnerabilities in modern technology

A critical security vulnerability in ShowDoc, a document management service popular in China, is now being actively exploited in the wild, according to a recent report by The Hacker News.

The vulnerability, identified as CVE-2025-0520 with a CVSS score of 9.4, allows for unrestricted file uploads due to improper file extension validation. Attackers can exploit this to upload web shells and achieve remote code execution on affected servers. This flaw was present in ShowDoc versions prior to 2.8.7, which was released in October 2020.

While the software has since been updated to version 3.8.1, new details indicate that threat actors are leveraging this older vulnerability. Exploits have been observed targeting a U.S.-based honeypot running a vulnerable version. While most of the over 2,000 identified ShowDoc instances are in China, the active exploitation highlights a trend of targeting N-day vulnerabilities regardless of the install base.

Source: The Hacker News

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds