CVE-2025-61812

Summary

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Input Validation vulnerability that could allow a high privileged attacker to gain arbitrary code execution. Exploitation of this issue does not require user interaction.

Affected Software

VendorProductVersion RangeStatus
AdobeColdFusion0 <= 2021.22affected

Weaknesses

  • CWE-20: Improper Input Validation (CWE-20)

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References