CVE-2025-9005
BaseFortify
Publication date: 2025-08-15
Last updated on: 2026-04-29
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mtons | mblog | to 3.5.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-209 | The product generates an error message that includes sensitive information about its environment, users, or associated data. |
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
| CWE-NVD-CWE-noinfo |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in mtons mblog up to version 3.5.0, specifically in an unknown function within the /register file. It allows an attacker to remotely cause information exposure through error messages. The attack complexity is high and exploitability is difficult, but the exploit has been publicly disclosed and may be used.
How can this vulnerability impact me? :
The vulnerability can lead to information exposure, which means sensitive data might be revealed unintentionally through error messages. Although the attack is complex and difficult to exploit, if successfully exploited remotely, it could compromise confidentiality of information.