CVE-2025-24288
Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-19

Last updated on: 2025-06-23

Assigner: HackerOne

Description
The Versa Director software exposes a number of services by default and allows attackers an easy foothold due to default credentials and multiple accounts (most with sudo access) that use the same default credentials. By default, Versa Director exposes ssh and postgres to the internet, alongside a host of other services. Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third-party security researchers.

Workarounds or Mitigation: Versa recommends the following security controls:
1) Change default passwords to complex passwords.
2) Passwords must be complex, with at least 8 characters comprising upper-case and lower-case letters, at least one digit, and one special character.
3) Passwords must be changed at least every 90 days.
4) Password change history is checked against at least the last 5 passwords when a password is changed.
5) Review and audit logs for all authentication attempts to check for unauthorized/suspicious login attempts and enforce remediation steps.
Meta Information
Published: 2025-06-19
Last Modified: 2025-06-23
Generated: 2026-05-07
AI Q&A: 2025-06-19
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Currently, no data is known.
CWE
CWE-1188: The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.
AI Powered Q&A
How can this vulnerability impact me?

If exploited, this vulnerability can lead to unauthorized remote access with high privileges, potentially allowing attackers to fully compromise the system, access sensitive data, and disrupt services.


Can you explain this vulnerability to me?

This vulnerability in Versa Director software arises because it exposes multiple services by default, including ssh and postgres, to the internet. It uses default credentials across multiple accounts, many with sudo access, allowing attackers an easy foothold if they exploit these default passwords.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection can be done by reviewing and auditing logs for all authentication attempts to check for unauthorized or suspicious login attempts. Specific commands depend on the system but generally include checking SSH logs (e.g., 'grep sshd /var/log/auth.log' on Linux) and monitoring PostgreSQL logs for unusual access. Additionally, scanning for exposed services like SSH and PostgreSQL on the network can help identify vulnerable systems.
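The log review described in the answer above, as an added worked example that is not part of the BaseFortify page or of any Versa Networks tooling. It parses sshd lines in the default OpenSSH syslog format (the kind 'grep sshd /var/log/auth.log' returns), counts failed attempts per source address, and flags successful logins that are worth a closer look: logins to accounts on a watch list (the names used here are placeholders, since the advisory does not list the affected account names), password-based logins, and successes that follow failures from the same source. The sample log lines are constructed for the example and use documentation IP ranges.

```python
import re
from collections import Counter

# Constructed sample of OpenSSH auth-log lines; not captured from a real system.
SAMPLE_LOG = """\
Jun 19 10:00:01 director sshd[1201]: Failed password for admin from 198.51.100.7 port 50110 ssh2
Jun 19 10:00:03 director sshd[1201]: Failed password for admin from 198.51.100.7 port 50112 ssh2
Jun 19 10:00:05 director sshd[1203]: Failed password for invalid user test from 198.51.100.7 port 50114 ssh2
Jun 19 10:00:09 director sshd[1205]: Accepted password for admin from 198.51.100.7 port 50118 ssh2
Jun 19 10:02:30 director sshd[1302]: Accepted publickey for operator from 192.0.2.10 port 41022 ssh2: ED25519 SHA256:EXAMPLEFINGERPRINT
Jun 19 10:05:00 director sshd[1310]: Failed password for root from 203.0.113.9 port 60001 ssh2
"""

# Placeholder watch list (assumption): accounts that ship with default
# credentials on the appliance being reviewed. Replace with the real names.
WATCHED_ACCOUNTS = {"admin", "root"}

# Matches both "Accepted <method> for <user> from <ip> port N" and
# "Failed <method> for [invalid user ]<user> from <ip> port N".
LOG_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) (?P<method>\w+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)


def parse_events(text):
    """Return one dict per sshd authentication line; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LOG_RE.search(line)
        if m:
            events.append(m.groupdict())
    return events


def analyze(text, watched=WATCHED_ACCOUNTS, fail_threshold=3):
    """Summarize authentication activity in an sshd log excerpt.

    Returns a dict with:
      findings           - (user, source, reasons) for each notable success
      failures_by_source - failed attempts counted per source address
      noisy_sources      - sources at or above fail_threshold failures
    """
    failures = Counter()
    findings = []
    for ev in parse_events(text):
        if ev["result"] == "Failed":
            failures[ev["src"]] += 1
            continue
        reasons = []
        if ev["user"] in watched:
            reasons.append("watched account")
        if ev["method"] == "password":
            reasons.append("password auth")
        if failures[ev["src"]]:
            # Failures seen earlier from the same source, then a success:
            # the classic shape of a guessed or default credential.
            reasons.append(f"after {failures[ev['src']]} failures from source")
        if reasons:
            findings.append((ev["user"], ev["src"], "; ".join(reasons)))
    noisy = sorted(src for src, n in failures.items() if n >= fail_threshold)
    return {
        "findings": findings,
        "failures_by_source": dict(failures),
        "noisy_sources": noisy,
    }


if __name__ == "__main__":
    report = analyze(SAMPLE_LOG)
    for user, src, why in report["findings"]:
        print(f"REVIEW: login as {user} from {src} ({why})")
    for src in report["noisy_sources"]:
        print(f"NOISY: {src} had {report['failures_by_source'][src]} failures")
```

To run this against a real host, feed it the output of the grep from the answer above instead of SAMPLE_LOG, and populate the watch list with the accounts that still had vendor defaults when the system was deployed. A success marked "password auth" on a watched account is the case the mitigation list targets: once defaults are rotated and key-based access is in place, that line should not appear at all.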


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include changing all default passwords to complex passwords that are at least 8 characters long and include upper case, lower case letters, digits, and special characters; enforcing password changes at least every 90 days; ensuring password change history checks the last 5 passwords; and continuously reviewing and auditing authentication logs to detect and respond to unauthorized access attempts.

