Cyber Posture

CVE-2025-24337

High

Published: 20 January 2025

Modified: 15 April 2026
CVSS Score: 8.4 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0004 (12.2nd percentile)
Risk Priority: 17 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Description

Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.

Security Summary

CVE-2025-24337 is a vulnerability in WriteFreely through version 0.15.1 when MySQL is used as the database backend. It allows local users to discover credentials by reading the config.ini file. The issue carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and maps to CWE-281.

A local attacker needs access to the host system, but no privileges and no user interaction, to exploit the vulnerability. By reading the config.ini file, the attacker obtains the sensitive credentials stored there, which CVSS scores as high impact on confidentiality, integrity, and availability.

Advisories and patches are detailed in the WriteFreely release notes for v0.15.1 at https://github.com/writefreely/writefreely/releases/tag/v0.15.1, an announcement at https://raphus.social/@TV4Fun/113846757112643161, and the OSS-security mailing list post at https://www.openwall.com/lists/oss-security/2025/01/18/1.
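A defender's first question for a CWE-281 issue like this is whether the configuration file is readable by accounts other than the service user, and which secrets it holds so they can be rotated if it was. The following Go program is an added example written for this page, not code from WriteFreely or from the advisory. It assumes a config.ini in plain INI format with a `[database]` section; the sample file it writes is constructed for the demonstration and the credential key names it looks for (`password`, `secret`, `token`) are an assumption, not WriteFreely's schema.

```go
package main

import (
	"bufio"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ConfigFinding describes one problem found while auditing a config file.
type ConfigFinding struct {
	Path    string
	Problem string
}

// AuditConfigFile reports (1) whether the file is readable by group or others,
// which is the exposure behind CVE-2025-24337, and (2) which keys appear to hold
// credentials, so an operator knows what to rotate if the file was exposed.
// The credential key names are an assumption for this example, not WriteFreely's schema.
func AuditConfigFile(path string) ([]ConfigFinding, error) {
	info, err := os.Stat(path)
	if err != nil {
		return nil, err
	}
	var findings []ConfigFinding
	mode := info.Mode().Perm()
	if mode&0o044 != 0 { // group-read or other-read bit set
		findings = append(findings, ConfigFinding{path, fmt.Sprintf("readable by group/others (mode %04o)", mode)})
	}

	f, err := os.Open(path)
	if err != nil {
		return nil, err
	}
	defer f.Close()

	section := ""
	sc := bufio.NewScanner(f)
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") || strings.HasPrefix(line, ";") {
			continue // blank line or INI comment
		}
		if strings.HasPrefix(line, "[") && strings.HasSuffix(line, "]") {
			section = strings.Trim(line, "[]")
			continue
		}
		key, value, ok := strings.Cut(line, "=")
		if !ok {
			continue
		}
		key, value = strings.TrimSpace(key), strings.TrimSpace(value)
		if looksLikeSecret(key) && value != "" {
			findings = append(findings, ConfigFinding{path, fmt.Sprintf("credential in [%s] %s", section, key)})
		}
	}
	return findings, sc.Err()
}

// looksLikeSecret is a simple name heuristic (assumption: secret-bearing keys contain one of these words).
func looksLikeSecret(key string) bool {
	k := strings.ToLower(key)
	for _, s := range []string{"password", "secret", "token"} {
		if strings.Contains(k, s) {
			return true
		}
	}
	return false
}

// sampleConfig is a constructed config.ini for the demonstration; it is not WriteFreely's real file.
const sampleConfig = `[database]
type     = mysql
username = writefreely
password = example-not-a-real-password
database = writefreely
`

// WriteSample writes sampleConfig into dir with the given permission bits and returns its path.
func WriteSample(dir string, mode os.FileMode) (string, error) {
	p := filepath.Join(dir, "config.ini")
	if err := os.WriteFile(p, []byte(sampleConfig), mode); err != nil {
		return "", err
	}
	// WriteFile is subject to the umask; force the exact mode so the demo is deterministic.
	if err := os.Chmod(p, mode); err != nil {
		return "", err
	}
	return p, nil
}

func main() {
	dir, err := os.MkdirTemp("", "cfgaudit")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	// Audit the same file twice: once world-readable (bad), once owner-only (expected).
	for _, m := range []os.FileMode{0o644, 0o600} {
		p, err := WriteSample(dir, m)
		if err != nil {
			panic(err)
		}
		findings, err := AuditConfigFile(p)
		if err != nil {
			panic(err)
		}
		fmt.Printf("mode %04o: %d finding(s)\n", m, len(findings))
		for _, f := range findings {
			fmt.Println("  -", f.Problem)
		}
	}
}
```

The permission check is deliberately based on the mode bits rather than on trying to open the file as another user, so it can run as the service account during deployment or as a periodic check; the owner-only (0600) copy still produces the credential finding, which is the intended reminder that a secret lives in that file even when its permissions are correct.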

Details

CWE(s): CWE-281 (Improper Preservation of Permissions)

MITRE ATT&CK Enterprise Techniques

T1552.001 Credentials In Files (tactic: Credential Access)
Adversaries may search local file systems and remote file shares for files containing insecurely stored credentials.
Why these techniques?

The vulnerability directly enables local credential discovery by allowing unauthenticated reading of sensitive credentials stored in the config.ini file.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0
