CVE-2025-56447
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-22

Last updated on: 2025-10-22

Assigner: MITRE

Description
TM2 Monitoring v3.04 contains an authentication bypass and plaintext credential disclosure.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2025-10-22
Generated
2026-06-16
AI Q&A
2025-10-22
EPSS Evaluated
2026-06-15
NVD
CVE-2025-56447
EUVD
EUVD-2025-35575
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
rt_systems tm2_monitoring 3.04
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
CWE-319 The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-56447 is a vulnerability in TM2 Monitoring v3.04 that allows an attacker to bypass authentication and obtain plaintext administrative credentials. This happens because the system relies only on client-side JavaScript for authentication, which can be bypassed by sending an unauthenticated HTTP GET request to the /security.php endpoint. The server then returns sensitive information including admin and guest passwords in clear text within the HTML response, allowing unauthorized access to administrative features. [4]

Impact Analysis

This vulnerability can have severe impacts as it allows attackers to bypass authentication and gain unauthorized access to administrative functions of TM2 Monitoring. Additionally, attackers can obtain plaintext credentials, compromising the confidentiality of sensitive passwords. This can lead to full control over the system's protected features, potentially resulting in data breaches, system manipulation, or further exploitation. [4]

Detection Guidance

This vulnerability can be detected by sending an unauthenticated HTTP GET request to the endpoint /security.php on the TM2 Monitoring v3.04 system and checking if the response contains plaintext administrative credentials in the HTML form inputs. For example, you can use the following command with curl to test for the vulnerability: curl -s http://<target-ip-or-host>/security.php | grep -E 'pw_admin|pw_guest' If the output shows input fields with plaintext passwords, the system is vulnerable. [4]

Mitigation Strategies

Immediate mitigation steps include restricting access to the /security.php endpoint to trusted users only, such as by implementing network-level access controls or firewall rules. Additionally, avoid exposing TM2 Monitoring v3.04 instances directly to untrusted networks until a vendor patch or update is available. Monitoring and alerting on unexpected access to /security.php can also help detect exploitation attempts. [4]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-56447. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart