CVE-2025-29331
BaseFortify
Publication date: 2025-06-26
Last updated on: 2025-07-10
Assigner: MITRE
Description
CVSS Scores
EPSS Scores
| Probability | |
| Percentile | |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mhsanaei | 3x-ui | before 2.5.3 (2.5.3 itself is not affected) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-295 | The product does not validate, or incorrectly validates, a certificate. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-29331 affects 3X-UI versions before v2.5.3. The x-ui management script downloads updates with wget --no-check-certificate, which disables TLS certificate verification, so the script accepts any certificate the far end presents. An attacker who can intercept the connection (for example through DNS spoofing or a man-in-the-middle position on the panel's outbound path) can therefore answer the download with a script of their choosing. Because the management script runs as root, the substituted script executes with full system privileges, so the outcome is arbitrary code execution as root. [1, 2]
How can this vulnerability impact me?
This vulnerability can lead to complete system compromise: an attacker who delivers a malicious update during the download executes arbitrary code as root. That gives them control of the affected host, access to any data it holds, and a foothold for further attacks on the surrounding network. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
First confirm which version of 3x-ui is installed; anything before 2.5.3 is affected. Since the flaw is in the shipped management script, the quickest direct check is to search the installed script files for wget invocations that carry the --no-check-certificate option, for example: grep -r -- '--no-check-certificate' /path/to/x-ui or grep -r wget /path/to/x-ui | grep -- '--no-check-certificate'. Note that passive network monitoring cannot tell you whether a client verified the certificate, because a client that skips verification still completes an ordinary TLS handshake; what you can watch for is the update download being answered from an unexpected address or with a certificate that does not belong to the update host. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation is to update 3x-ui to version 2.5.3 or later, where the --no-check-certificate flag has been removed from the wget commands so that certificate verification is enforced. If updating is not immediately possible, edit the x-ui management script and remove the --no-check-certificate option from every wget command to restore validation. If wget then fails with a certificate error, the usual causes are an incorrect system clock or a missing or outdated CA bundle (the ca-certificates package); fix those rather than reintroducing the flag, since a verification failure is the check doing its job. [1, 2]
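The detection and mitigation steps above amount to "find download commands that skip certificate verification, then strip the flag". The following script is an added example, not code from 3x-ui or from this page: it builds a constructed sample management script that reproduces the vulnerable pattern (the file contents and the example.invalid URLs are made up), flags wget --no-check-certificate and curl -k/--insecure lines, and writes a hardened copy with those options removed.

```sh
#!/bin/sh
# Added example (not 3x-ui's own code): find download commands in a shell
# management script that disable TLS certificate verification, and show the
# hardened form. The sample script and URLs below are constructed for the demo.

# Write a constructed sample that mimics the vulnerable update() pattern.
make_sample_script() {
    cat > "$1" <<'EOF'
#!/bin/bash
update() {
    wget --no-check-certificate -O /usr/local/x-ui/x-ui.sh https://example.invalid/x-ui.sh
    curl -k -fsSL https://example.invalid/install.sh | bash
}
status() {
    wget -q -O - https://example.invalid/version.txt
}
EOF
}

# Print (with line numbers) every line of $1 where wget or curl is invoked
# with verification disabled. Heuristic: wget ... --no-check-certificate, or
# curl ... --insecure / a short-option cluster containing k (-k, -fsSLk).
find_insecure_downloads() {
    grep -nE 'wget.*--no-check-certificate|curl.*([[:space:]]--insecure|[[:space:]]-[A-Za-z]*k)' "$1"
}

# Number of such lines in $1 (0 when the file is clean).
count_insecure_downloads() {
    find_insecure_downloads "$1" | wc -l | tr -d ' '
}

# Write $1.hardened with the verification-disabling options removed. This is
# the manual mitigation described above; it handles the standalone spellings
# (--no-check-certificate, --insecure, -k) and leaves bundled clusters such as
# -fsSLk for a human to fix, which find_insecure_downloads will still report.
harden_script() {
    sed -E -e 's/[[:space:]]+--no-check-certificate([[:space:]]|$)/\1/g' \
           -e 's/[[:space:]]+--insecure([[:space:]]|$)/\1/g' \
           -e 's/[[:space:]]+-k([[:space:]]|$)/\1/g' "$1" > "$1.hardened"
}

# Demo: scan the constructed sample, harden it, and rescan the hardened copy.
sample=$(mktemp)
make_sample_script "$sample"
echo "insecure download lines in sample:"
find_insecure_downloads "$sample" || true
harden_script "$sample"
echo "hits after hardening: $(count_insecure_downloads "$sample.hardened")"
rm -f "$sample" "$sample.hardened"
```

Run it against the real management script by calling find_insecure_downloads on that file instead of the constructed sample. The grep is a heuristic over the command line only: wget also honours check_certificate = off in ~/.wgetrc or /etc/wgetrc, and curl honours insecure in ~/.curlrc, so check those files as well before concluding a host is clean.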