CVE-2025-0785

CVSS 3.1 Score 3.5 of 10 (low)

Details

Published Jan 28, 2025

CWE ID 94

CWE ID 79

Summary

CVE-2025-0785 is a newly disclosed vulnerability affecting ESAFENET CDG V5. The issue lies in the processing of the /SysConfig.jsp file and results in cross-site scripting (XSS). Attackers can exploit this vulnerability remotely by manipulating arguments, leading to code injection. Despite early notification to the vendor, no response or patch has been provided, increasing the risk for potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/23nWib
https://www.cve.org/CVERecord?id=CVE-2025-0785
https://nvd.nist.gov/vuln/detail/CVE-2025-0785

Back to Vulnerability Database

CVE-2025-0785

CVSS 3.1 Score 3.5 of 10 (low)

Details

Summary

Advisories, Assessments, and Mitigations