CVE-2025-28091
Published: 28 March 2025
Description
The text shown here is MITRE's definition of Network Service Discovery (T1046), one of the ATT&CK techniques this entry maps to: adversaries may attempt to get a listing of services running on remote hosts and local network infrastructure devices, including those that may be vulnerable to remote software exploitation.
Security Summary
CVE-2025-28091 is a Server-Side Request Forgery (SSRF) vulnerability (CWE-918) in maccms10 version 2025.1000.4047. It is reachable through the Add Article functionality: a URL supplied in that request is fetched by the server without adequate restriction of the destination, so the application can be made to issue requests on the attacker's behalf. The vulnerability carries a CVSS v3.1 base score of 9.1 (Critical) with vector AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N, meaning network-reachable, low attack complexity, no privileges or user interaction required, unchanged scope, high confidentiality and integrity impact, and no availability impact. It was published on 2025-03-28.
As scored, exploitation needs no authentication: any attacker who can reach the application over the network can submit a request through the Add Article feature that causes the server to connect to a destination of the attacker's choosing. Because the connection originates from the server, it can reach internal services and other resources that are shielded from the internet by network position or firewall rules. This yields high confidentiality impact (reading responses from internal systems) and high integrity impact (triggering state-changing requests against them) without affecting availability. Before relying on the PR:N rating, confirm whether the Add Article endpoint is exposed without login in your deployment; if it sits behind the administrative backend, the practical exposure is narrower than the score implies, although the SSRF itself remains and still needs fixing.
Mitigation details and further technical analysis are published at https://www.yuque.com/morysummer/vx41bz/ax55rxv4u3our1ic and https://www.yuque.com/morysummer/vx41bz/xo5w1euakvtgenex. Administrators running maccms10 should review them for a patched build or workaround. In the interim, the standard SSRF controls apply: restrict who can reach the Add Article feature, validate and allowlist the destination of any server-side fetch, and limit outbound connections from the application host to the destinations it legitimately needs.
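The core of a fix for an SSRF of this kind is to validate the destination before the server connects to it. The following is an added example of that check, written for this page and not taken from maccms10 or the advisories above. It rejects non-HTTP(S) schemes, URLs with userinfo, unexpected ports, and any hostname that resolves to a loopback, private, link-local (including the 169.254.169.254 cloud metadata address), multicast, reserved or unspecified address, for IPv4, IPv6 and IPv4-mapped IPv6. Name resolution is injected as a callable so the example runs offline; the `FAKE_ZONE` names and addresses are constructed for the example, and a real deployment would pass a wrapper around `socket.getaddrinfo` instead.

```python
"""Added example (not maccms10 code): destination validation that a
server-side fetch such as the Add Article URL handler needs to resist SSRF.
Hostname resolution is injected as a callable so the example runs offline."""
import ipaddress
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {80, 443}          # widen deliberately, never to "any port"


class SsrfBlocked(ValueError):
    """Raised when a fetch target must not be contacted."""


def _non_public(ip):
    """True for loopback, RFC 1918, link-local (incl. 169.254.169.254 cloud
    metadata), multicast, reserved and unspecified addresses, v4 or v6."""
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped        # ::ffff:127.0.0.1 is still loopback
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_multicast or ip.is_reserved or ip.is_unspecified)


def validate_fetch_target(url, resolve):
    """Return (host, port, [ip, ...]) that is safe to connect to, or raise
    SsrfBlocked.  `resolve(host)` must return every address the name maps to."""
    try:
        parts = urlsplit(url)
        port = parts.port           # raises ValueError for "abc" or 99999
    except ValueError as exc:
        raise SsrfBlocked(f"malformed URL: {exc}")
    scheme = parts.scheme.lower()
    if scheme not in ALLOWED_SCHEMES:
        raise SsrfBlocked(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise SsrfBlocked("userinfo not allowed")   # http://trusted.example@10.0.0.1/
    host = parts.hostname
    if not host:
        raise SsrfBlocked("missing host")
    port = port or (443 if scheme == "https" else 80)
    if port not in ALLOWED_PORTS:
        raise SsrfBlocked(f"port not allowed: {port}")
    # Resolve first and check every record: a name with one public and one
    # internal address must be rejected outright, not connected to round-robin.
    try:
        ips = [ipaddress.ip_address(a) for a in resolve(host)]
    except ValueError as exc:
        raise SsrfBlocked(f"resolver returned a bad address: {exc}")
    if not ips:
        raise SsrfBlocked(f"{host!r} does not resolve")
    for ip in ips:
        if _non_public(ip):
            raise SsrfBlocked(f"{host!r} resolves to non-public address {ip}")
    # The caller must connect to one of the returned IPs directly (sending
    # Host: host) rather than re-resolving, so a changed DNS answer between
    # check and connect cannot retarget the request, and must re-run this
    # check on every redirect instead of following them blindly.
    return host, port, [str(ip) for ip in ips]


def is_safe_fetch_target(url, resolve):
    try:
        validate_fetch_target(url, resolve)
        return True
    except SsrfBlocked:
        return False


# Constructed stand-in for DNS so the example is self-contained: IP literals
# map to themselves; the names below are invented for this example.
FAKE_ZONE = {
    "example.com": ["93.184.216.34"],
    "meta.internal.test": ["169.254.169.254"],
    "rebind.attacker.test": ["93.184.216.34", "10.0.0.5"],  # public + internal
}


def fake_resolve(host):
    try:
        return [str(ipaddress.ip_address(host))]
    except ValueError:
        return FAKE_ZONE.get(host.lower(), [])


if __name__ == "__main__":
    for u in ("https://example.com/feed.xml", "http://127.0.0.1:80/",
              "http://[::ffff:127.0.0.1]/", "http://meta.internal.test/",
              "http://rebind.attacker.test/", "file:///etc/passwd"):
        verdict = "allow" if is_safe_fetch_target(u, fake_resolve) else "block"
        print(f"{u:40} -> {verdict}")
```

The two details most often missed in fixes of this class are both encoded here: every address a name resolves to is checked, not just the first, and the caller is expected to connect to the checked address and to re-validate each redirect, since a validator that is bypassed by a DNS answer changing or by a 302 to `http://127.0.0.1/` has not closed the hole.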
Details
- CWE(s): CWE-918 Server-Side Request Forgery (SSRF)
Affected Products
- maccms10 2025.1000.4047
MITRE ATT&CK Enterprise Techniques
- T1190 Exploit Public-Facing Application
- T1046 Network Service Discovery
Why these techniques?
The SSRF in the public-facing maccms10 Add Article feature lets a remote, unauthenticated attacker exploit the application directly (T1190), and the forged server-side requests can then be used to probe hosts and services on the internal network that are not reachable from the attacker's own position (T1046).