CVE-2025-25279

Published Feb 24, 2025

Last updated 6 months ago

CVSS critical 9.9

Overview

Description
Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to properly validate board blocks when importing boards which allows an attacker could read any arbitrary file on the system via importing and exporting a specially crafted import archive in Boards.
Source
responsibledisclosure@mattermost.com
NVD status
Analyzed
Products
mattermost_server

Risk scores

CVSS 3.1

Type
Primary
Base score
7.5
Impact score
3.6
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
HIGH

Weaknesses

responsibledisclosure@mattermost.com
CWE-22

Social media

Hype score
Not currently trending

  1. CVE-2025-25279 (CVSS:9.9, CRITICAL) is Awaiting Analysis. Mattermost versions 10.4.x &lt;= 10.4.1, 9.11.x &lt;= 9.11.7, 10.3.x &lt;= 10.3.2, 10.2.x &lt;= 10.2.2 fail to properly validate boa..https://t.co/EFY4BcOV27 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nv

    @cracbot

    1 Mar 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-25279 (CVSS:9.9, CRITICAL) is Awaiting Analysis. Mattermost versions 10.4.x &lt;= 10.4.1, 9.11.x &lt;= 9.11.7, 10.3.x &lt;= 10.3.2, 10.2.x &lt;= 10.2.2 fail to properly validate boa..https://t.co/EFY4BcOV27 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nv

    @cracbot

    28 Feb 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 ALERT: Mattermost Users, Patch Now! 🚨 Three nasty vulns just dropped – CVE-2025-20051, CVE-2025-24490, and CVE-2025-25279. Attackers could exploit these to snoop on any file or unleash SQL injection chaos. ZoomEye’s already clocked 35.1k+ exposed instances with this… https

    @zoomeye_team

    25 Feb 2025

    425 Impressions

    1 Retweet

    5 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  4. Critical Mattermost Flaws (CVE-2025-20051, CVE-2025-24490, CVE-2025-25279) Expose Systems to File Read and SQL Injection Attacks https://t.co/UPqEin5F1b

    @Dinosn

    25 Feb 2025

    2234 Impressions

    7 Retweets

    17 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  5. ⚠️⚠️Critical Mattermost Flaws Expose Systems to File Read and SQL Injection Attacks CVE-2025-20051, CVE-2025-24490, CVE-2025-25279 🎯84k+ Results are found on the https://t.co/pb16tGYaKe nearly year. 🔗FOFA Link:https://t.co/bRJ5LAaio1 FOFA Query:app="Mattermost" 🔖… https://

    @fofabot

    25 Feb 2025

    970 Impressions

    7 Retweets

    11 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 CVE-2025-25279 ⚠️🔴 CRITICAL (9.9) 🏢 Mattermost - Mattermost 🏗️ 10.4.0 🔗 https://t.co/kImZIYcYXl #CyberCron #VulnAlert https://t.co/Gq8II6IcZh

    @cybercronai

    24 Feb 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2025-25279 Mattermost Boards Vulnerability https://t.co/BdE5QSRSFb

    @VulmonFeeds

    24 Feb 2025

    54 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2025-25279 Mattermost versions 10.4.x &lt;= 10.4.1, 9.11.x &lt;= 9.11.7, 10.3.x &lt;= 10.3.2, 10.2.x &lt;= 10.2.2 fail to properly validate board blocks when importing boards which allows a… https://t.co/5jmLfsRE69

    @CVEnew

    24 Feb 2025

    303 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. [CVE-2025-25279: CRITICAL] Critical cyber security vulnerability in Mattermost versions 10.4.x &lt;= 10.4.1, 9.11.x &lt;= 9.11.7, 10.3.x &lt;= 10.3.2, 10.2.x &lt;= 10.2.2 could allow attackers to read any file on the system ...#cybersecurity,#vulnerability https://t.co/c6UxjuI0ti

    @CveFindCom

    24 Feb 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to apply view restrictions when retrieving group member IDs, which allows authenticated guest users to enumerate user IDs outside their allowed visibility scope via the group retrieval endpoint.. Mattermost Advisory ID: MMSA-2026-00594CVE-2026-3115
  2. Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to validate decompressed archive entry sizes during file extraction which allows authenticated users with file upload permissions to cause a denial of service via crafted zip archives containing highly compressed entries (zip bombs) that exhaust server memory.. Mattermost Advisory ID: MMSA-2026-00598CVE-2026-3114
  3. Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloaded bulk export which allows other local users on the server to be able to read contents of the bulk export.. Mattermost Advisory ID: MMSA-2026-00593CVE-2026-3113
  4. Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to validate Advanced Logging file target paths which allows system administrators to read arbitrary host files via malicious AdvancedLoggingJSON configuration in support packet generation. Mattermost Advisory ID: MMSA-2025-00562CVE-2026-3112
  5. Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences that enable screen manipulation, fake prompts, and clipboard hijacking.. Mattermost Advisory ID: MMSA-2026-00599CVE-2026-3108

References

Sources include official advisories and independent security research.