CVE-2025-34156
BaseFortify
Publication date: 2025-10-23
Last updated on: 2025-10-27
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| tibbo | aggregate_network_manager | <6.40.05> |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-497 | The product does not properly prevent sensitive system-level information from being accessed by unauthorized actors who do not have the same level of access to the underlying system as the product does. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-34156 is a vulnerability in Tibbo AggreGate Network Manager versions prior to 6.40.05 where an unauthenticated endpoint (/cwmp/happyaxis.jsp) exposes sensitive system information such as Java system properties, server path details, and version information. This information disclosure can be accessed by unauthorized users and may help attackers gain critical system details to facilitate further attacks. [1]
How can this vulnerability impact me? :
This vulnerability can impact you by exposing sensitive system information to unauthorized users without requiring any authentication. Attackers can use this information to better understand the system environment, which could aid in planning and executing further attacks, potentially leading to system compromise or disruption of the network management services. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by attempting to access the unauthenticated endpoint /cwmp/happyaxis.jsp on the Tibbo AggreGate Network Manager server. If the endpoint is accessible and returns Java system properties, server path details, or version information without authentication, the system is vulnerable. A simple command to check this is using curl or wget to fetch the page, for example: curl http://<server-ip>/cwmp/happyaxis.jsp or wget -qO- http://<server-ip>/cwmp/happyaxis.jsp. If sensitive information is returned, the vulnerability is present. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include upgrading Tibbo AggreGate Network Manager to version 6.40.05 or later, where the vulnerability is fixed. Until the upgrade can be applied, restrict access to the /cwmp/happyaxis.jsp endpoint by implementing network-level controls such as firewall rules or access control lists to block unauthorized access. Additionally, monitor access logs for any attempts to reach this endpoint and consider disabling or restricting the affected service if possible. [1]