CVE-2025-20075

CVSS 3.0 Score 7.2 of 10 (high)

Details

Published Feb 18, 2025

CWE ID 918

Summary

CVE-2025-20075 is a server-side request forgery (SSRF) vulnerability affecting FileMegan versions above 3.0.0.0 but below 3.4.0.0. Hackers can exploit this issue to execute arbitrary backend Web API requests, potentially resulting in the rebooting of affected services. This vulnerability poses a significant risk, as an attacker could manipulate the FileMegan server to perform unintended actions or access sensitive data. It is crucial that users upgrade to the patched version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3BZloz
https://www.cve.org/CVERecord?id=CVE-2025-20075
https://nvd.nist.gov/vuln/detail/CVE-2025-20075

Back to Vulnerability Database

CVE-2025-20075

CVSS 3.0 Score 7.2 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations