AI description
CVE-2025-57788 is a vulnerability in Commvault versions before 11.36.60. It stems from a flaw in the login mechanism, which allows unauthenticated attackers to execute API calls. This vulnerability can lead to the exposure of sensitive information, as it allows an attacker to obtain the password for a low-privileged user account. This vulnerability can be chained with other Commvault vulnerabilities like CVE-2025-57789, CVE-2025-57790, and CVE-2025-57791 to achieve remote code execution (RCE). The attack chain involves leaking a low-privileged user password (CVE-2025-57788), decrypting the administrator password and escalating privileges (CVE-2025-57789), abusing argument injection to gain a session token (CVE-2025-57791), and deploying a webshell using path traversal (CVE-2025-57790).
- Description
- An issue was discovered in Commvault before 11.36.60. A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.
- Source
- cve@mitre.org
- NVD status
- Analyzed
- Products
- commvault
CVSS 4.0
- Type
- Secondary
- Base score
- 6.9
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 2.5
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- cve@mitre.org
- CWE-259
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
- 1
⚠️ Weekly vuln radar. https://t.co/Cd6L8ACyLV – spot what’s trending before it’s everywhere: CVE-2025-29927 CVE-2025-43300 CVE-2025-57788 (@chudyPB, Sonny) CVE-2025-9132 (@GoogleDeepMind) CVE-2025-9074 CVE-2025-57790 CVE-2025-57789 CVE-2025-57791 CVE-2024-41787
@ptdbugs
22 Aug 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
csirt_it: ‼️ #Commvault: #PoC now available for exploiting CVE-2025-57788, CVE-2025-57789, CVE-2025-57790 and CVE-2025-57791. Risk: 🟠 Type: 🔸 Remote Code Execution 🔸 Authentication Bypass 🔗 https://t.co/qodv8GgEo6 ⚠ Important to upd… https://t
@Vulcanux_
21 Aug 2025
79 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
‼️ #Commvault: #PoC now available for exploiting CVE-2025-57788, CVE-2025-57789, CVE-2025-57790 and CVE-2025-57791. Risk: 🟠 Type: 🔸 Remote Code Execution 🔸 Authentication Bypass 🔗 https://t.co/TmpqLKUiRz ⚠ Important to update the software inter…
@csirt_it
21 Aug 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
We're back - returning to the scene of the "crime" - to demonstrate 2 pre-auth RCE chains against Commvault (CVE-2025-57788, CVE-2025-57789, CVE-2025-57790, CVE-2025-57791) Enjoy, and speak soon 😉 https://t.co/s1cHuPSi1b
@watchtowrcyber
20 Aug 2025
14280 Impressions
39 Retweets
113 Likes
27 Bookmarks
1 Reply
4 Quotes
CVE-2025-57788 An issue was discovered in Commvault before 11.36.60. A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiri… https://t.co/M8o1Mu6A5t
@CVEnew
20 Aug 2025
434 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:commvault:commvault:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "7ABD6584-4B5A-49F4-B2FD-B53B4ECAF0C5",
"versionEndExcluding": "11.36.60"
}
],
"operator": "OR"
}
]
}
]