AI description
CVE-2025-47227 is an authentication bypass vulnerability found in the Production Environment extension of Netmake ScriptCase, affecting versions through 9.12.006 (23). This flaw specifically resides within the administrator password reset mechanism, which is improperly implemented. An unauthenticated attacker can exploit this vulnerability by sending a sequence of GET and POST requests to `login.php`. This manipulation allows the attacker to reset the administrator's password without prior authentication, leading to an administrator account takeover. This vulnerability can be chained with CVE-2025-47228 to achieve pre-authenticated remote command execution.
- Description
- In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeover.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- HIGH
- cve@mitre.org
- CWE-684
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
4
GitHub - Outs1d3r-Net/CVE-2025-47227: Exploit for CVE-2025-47227 - ScriptCase Password Reset (Pre-Auth) · GitHub https://t.co/gjcIR4NRfF
@akaclandestine
1 Jun 2026
1865 Impressions
6 Retweets
18 Likes
15 Bookmarks
0 Replies
0 Quotes
CVE-2025-47227: In Netmake ScriptCase, the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to https://t.co/aEbduijeDQ sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeover.
@ZeroDayFacts
17 Jul 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-47227 (CVSS:7.5, HIGH) is Awaiting Analysis. In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset me..https://t.co/QkMC71gRHa #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
10 Jul 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ScriptCase vulnerabilities ❗CVE-2025-47227 ➡️More info: https://t.co/YOcs7PxQO5 https://t.co/dKtypXFzdg
@CERTpy
7 Jul 2025
110 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit #AppSec "ScriptCase - Pre-Authenticated RCE (CVE-2025-47227, CVE-2025-47228)", 2025. ]-> PoC Script - https://t.co/bjn5yGwrCn // Pre-auth RCE is achieved by chaining two vulnerabilities: the first is the ability to reset the administrator password of the prod consol
@ksg93rd
7 Jul 2025
66 Impressions
0 Retweets
0 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2025-47227 In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is mishandled. Making both a GET and a… https://t.co/ok8m75DHcA
@CVEnew
5 Jul 2025
808 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes