CVE-2025-9109
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-18

Last updated on: 2026-04-29

Assigner: VulDB

Description
A security flaw has been discovered in Portabilis i-Diario up to 1.5.0. Affected by this vulnerability is an unknown functionality of the file /password/email of the component Password Recovery Endpoint. The manipulation results in observable response discrepancy. It is possible to launch the attack remotely. This attack is characterized by high complexity. The exploitation appears to be difficult. The exploit has been released to the public and may be exploited.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-18
Last Modified
2026-04-29
Generated
2026-05-07
AI Q&A
2025-08-18
EPSS Evaluated
2026-05-05
NVD
CVE-2025-9109
EUVD
EUVD-2025-25126
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
portabilis i-diario to 1.5.0 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-204 The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.
CWE-203 The product behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by sending POST requests to the /password/email endpoint with various usernames and analyzing the response messages. Valid usernames return a message like "A password reset link has been sent," while invalid usernames return "We couldn't find a user with that login." A practical detection method is to automate these POST requests and check for response discrepancies indicating user enumeration. For example, using curl commands: curl -X POST -d '[email protected]' https://target-domain/password/email and curl -X POST -d '[email protected]' https://target-domain/password/email, then comparing the responses for differences. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include standardizing the response message from the /password/email endpoint so that it does not reveal whether a username exists. For example, always return a generic message such as "If the email is registered, a reset link will be sent." Additionally, implement rate limiting and CAPTCHA on the password recovery endpoint to prevent automated abuse and reduce the risk of user enumeration attacks. [1]


Can you explain this vulnerability to me?

This vulnerability is a user enumeration flaw in the Password Recovery Endpoint (/password/email) of Portabilis i-Diario up to version 1.5.0. The system responds differently depending on whether a submitted username exists or not, revealing valid user accounts through observable response discrepancies. An attacker can send automated requests to identify valid usernames by analyzing the response messages, which differ for valid and invalid users. [1, 2]


How can this vulnerability impact me? :

The vulnerability allows unauthenticated remote attackers to enumerate valid user accounts, which can facilitate targeted brute-force attacks, credential stuffing, social engineering, and phishing campaigns. It impacts confidentiality by exposing internal system state information. Although exploitation is considered difficult, a public proof-of-concept exploit exists, increasing the risk of abuse. [1, 2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart