What is CVE-2025-34300?

A critical template injection vulnerability in Sawtooth Software’s Lighthouse Studio allows unauthenticated attackers to execute arbitrary commands. Organizations must prioritize remediation to prevent exploitation.

What is the severity of CVE-2025-34300?

CVE-2025-34300 has a severity rating of CRITICAL with a CVSS base score of 10.

CVE-2025-34300 | Critical Vulnerability in Sawtooth Software Lighthouse Studio

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior to 9.16.14 via the ciwweb.pl Perl web application. Exploitation allows an unauthenticated attacker to execute arbitrary commands. This vulnerability poses a critical risk due to its exploitability and the potential for significant impact on affected systems.

With a CVSS score of 10, this vulnerability is classified as critical. Organizations using affected versions of Lighthouse Studio must act swiftly to mitigate risks associated with unauthorized command execution. The urgency for defenders is high, as attackers may leverage this vulnerability to gain control over systems.

Given the critical severity and exploitability of CVE-2025-34300, organizations should prioritize patching immediately. Ensuring systems are updated to the latest version is crucial to safeguarding sensitive data and maintaining the integrity of operations.

The existence of a public proof of concept on GitHub further underscores the need for swift action. Organizations are strongly advised to review their deployment of Lighthouse Studio and apply necessary updates without delay.

Vulnerability Details

CVE-2025-34300 is classified as a template injection vulnerability, allowing attackers to execute arbitrary commands through the ciwweb.pl Perl web application. The vulnerability affects all versions prior to 9.16.14. The issue was published on July 16, 2025, and is associated with CWE-20 (Improper Input Validation) and CWE-1336 (Command Injection).

Technical Analysis

The root cause of this vulnerability stems from inadequate input validation in the ciwweb.pl application, allowing attackers to inject malicious commands. The attack vector is network-based, requiring no user interaction, and has low complexity. Attackers do not need any privileges to exploit this vulnerability, which results in high impacts across confidentiality, integrity, and availability.

Risk & Impact Analysis

Organizations utilizing Sawtooth Software’s Lighthouse Studio are at significant risk if they are running vulnerable versions. Given the potential for command execution, the blast radius is considerable, affecting not only individual systems but potentially entire networks. With a critical CVSS score and evidence of exploit availability, organizations must address this vulnerability as part of their immediate patch cycle.

Exploitation Status

Signal	Status
Known Exploit	Yes
Public PoC	Yes
Actively Exploited	No
Ransomware Use	No

Affected Versions

All versions prior to 9.16.14 of Sawtooth Software’s Lighthouse Studio are affected by this vulnerability. Organizations must ensure they are running the latest version to mitigate risk.

Mitigation & Remediation

To remediate this vulnerability, organizations should upgrade to Lighthouse Studio version 9.16.14 or later. If immediate patching is not possible, consider implementing network controls to restrict access to the vulnerable component as a temporary measure. Regular monitoring of logs for unusual activity may also help identify potential exploitation attempts.

Organizations should validate remediation through penetration testing to identify similar weaknesses.

Detection Guidance

Organizations should monitor logs for indicators of exploitation, such as unusual command execution patterns or unexpected application behavior. Behavioral anomalies may suggest attempts to exploit the vulnerability, and network signatures can help identify unauthorized access attempts.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2025-34300 highlights the importance of secure coding practices and robust input validation mechanisms. This incident serves as a reminder for organizations to routinely review their software for vulnerabilities and implement comprehensive security assessments. Security teams should learn from this incident to prevent similar vulnerabilities in future releases.

For continuous improvement in security posture, consider engaging with external experts through red teaming services and continuous penetration testing to identify potential weaknesses before they can be exploited.

Adopting a proactive security strategy will help organizations stay ahead of emerging threats and vulnerabilities.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-34300: Critical Vulnerability in Sawtooth Software Lighthouse Studio