CVE-2025-49493

Published Jun 30, 2025

Last updated 6 months ago

CVSS medium 5.8
Akamai CloudTest

Overview

Description
Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
Source
cve@mitre.org
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.8
Impact score
1.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Severity
MEDIUM

Weaknesses

cve@mitre.org
CWE-611

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-49493 - critical 🚨 Akamai CloudTest < 60 2025.06.02 - XML External Entity (XXE) > Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External ... 👾 https://t.co/0yqpzdO53m @pdnuclei #NucleiTemplates #cve

    @pdnuclei_bot

    12 Jul 2025

    350 Impressions

    4 Retweets

    9 Likes

    3 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-49493 : Akamai CloudTest Allows File Inclusion via XML External Entity (XXE) injection. @B1ackash https://t.co/4T2nU5oZ1M

    @freedomhack101

    5 Jul 2025

    70 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨Alert🚨 CVE-2025-49493:Akamai CloudTest Allows File Inclusion via XML External Entity (XXE) injection. #infosec #infosecurity #OSINT #Vulnerability https://t.co/96eCulQU9m

    @B1ackash

    4 Jul 2025

    46 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. ⚡️The vulnerability details are now available: https://t.co/VpBPgtzToX 🚨🚨CVE-2025-49493: Akamai CloudTest is vulnerable to XXE Injection! Attackers can exploit the SOAP endpoint for file inclusion. 🔥PoC: https://t.co/ch49ccf4I5 Search by vul.cve https://t.co/4pr3

    @zoomeye_team

    3 Jul 2025

    847 Impressions

    3 Retweets

    13 Likes

    3 Bookmarks

    0 Replies

    1 Quote

  5. CVE-2025-49493 : Poc Akamai CloudTest - XXE Injection Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection through the /concerto/servic es/ RepositoryService SOAP endpoint. https://t.co/RyKrBz6yZz https://t.co/WiYUaaNQT6

    @freedomhack101

    2 Jul 2025

    89 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  6. GitHub - MuhammadWaseem29/CVE-2025-49493-Poc - https://t.co/P2SoPOfCHN

    @piedpiper1616

    2 Jul 2025

    768 Impressions

    2 Retweets

    8 Likes

    4 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2025-49493 XML External Entity (XXE) Injection Vulnerability in Akamai Cloud... https://t.co/LfGuzFGRol Customizable Vulnerability Alerts: https://t.co/U7998fz7yk

    @VulmonFeeds

    1 Jul 2025

    13 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. CVE-2025-49493 Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection. https://t.co/ha3xuK7ItM

    @CVEnew

    30 Jun 2025

    420 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Even mature products hide critical flaws – and @XBOW just found another one. CVE-2025-49493: XXE in Akamai CloudTest discovered during our climb to #1 on HackerOne. A complete technical breakdown from an error-based detection to a full exfiltration by @djurado9 https://t.co/

    @Xbow

    30 Jun 2025

    25529 Impressions

    35 Retweets

    180 Likes

    66 Bookmarks

    6 Replies

    7 Quotes

References

Sources include official advisories and independent security research.