CVE-2025-9822
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-03

Last updated on: 2025-09-04

Assigner: Mautic

Description
SummaryA user with administrator rights can change the configuration of the mautic application and extract secrets that are not normally available. ImpactAn administrator who usually does not have access to certain parameters, such as database credentials, can disclose them.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-03
Last Modified
2025-09-04
Generated
2026-06-16
AI Q&A
2025-09-03
EPSS Evaluated
2026-06-15
NVD
CVE-2025-9822
EUVD
EUVD-2025-26505
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
mautic mautic 4.4.17
mautic mautic 6.0.0-alpha
mautic mautic 4.4.0
mautic mautic 6.0.5
mautic mautic 5.2.8
mautic mautic 5.0.0-alpha
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-283 The product does not properly verify that a critical resource is owned by the proper entity.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-9822 is a moderate severity vulnerability in the Mautic application affecting certain versions. It occurs due to improper verification of resource ownership in the elfinder component. An attacker with administrator privileges can exploit this flaw to change the application's configuration and extract sensitive secrets, such as database credentials, which are normally not accessible even to administrators. [1]

Impact Analysis

This vulnerability allows an attacker with administrator rights to disclose sensitive information like database credentials that should normally be protected. This can lead to unauthorized access to critical data, potentially compromising confidentiality. The impact on integrity is low and there is no impact on availability. [1]

Detection Guidance

This vulnerability affects Mautic application versions 4.4.0 to before 4.4.17, 5.0.0-alpha to before 5.2.8, and 6.0.0-alpha to before 6.0.5. Detection involves identifying if your Mautic installation is running one of these vulnerable versions. You can check the Mautic version by running the command: `php /path/to/mautic/bin/console mautic:version` or by inspecting the version information in the application interface. Additionally, monitoring for unusual configuration changes or unauthorized access attempts by administrator accounts could indicate exploitation attempts. There are no specific network commands provided to detect exploitation of this vulnerability. [1]

Mitigation Strategies

To mitigate this vulnerability, immediately upgrade your Mautic application to a patched version: 4.4.17 or later for the 4.4.x branch, 5.2.8 or later for the 5.x branch, or 6.0.5 or later for the 6.x branch. Restrict administrator privileges to trusted users only, as exploitation requires administrator rights. Monitor and audit administrator activities for suspicious behavior. Applying these updates will fix the improper verification of resource ownership in the elfinder component and prevent unauthorized configuration changes and secret extraction. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9822. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart