CVE-2025-6444

Published Jun 25, 2025

Last updated 22 days ago

CVSS medium 5.9

Overview

Description
ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected installations of ServiceStack. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the implementation of the GetErrorResponse method. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to relay NTLM credentials in the context of the current user. Was ZDI-CAN-25834.
Source
zdi-disclosures@trendmicro.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.0

Type
Secondary
Base score
5.9
Impact score
3.6
Exploitability score
2.2
Vector string
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Severity
MEDIUM

Weaknesses

zdi-disclosures@trendmicro.com
CWE-20

Social media

Hype score
Not currently trending

  1. CVE-2025-6444 ServiceStack GetErrorResponse Improper Input Validation NTLM Relay Vulnerability. This vulnerability allows remote attackers to relay NTLM credentials on affected insta… https://t.co/s0cjGrSrrn

    @CVEnew

    25 Jun 2025

    354 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.