CVE-2022-25356

Severity: Medium
Public PoC: yes

Published: 05 April 2022
Modified: 05 September 2025
KEV Added: not listed
Patch: none referenced
CVSS Score v3.1: 5.3 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
EPSS Score: 0.7287 (98.8th percentile)
Risk Priority: 54 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2022-25356 is a medium-severity XML injection (CWE-91, also known as Blind XPath Injection) vulnerability in Alt-N SecurityGateway. Its CVSS base score is 5.3 (Medium).

Operationally, its EPSS score places it in the top 1.2% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; and a public proof-of-concept is referenced.

Deeper analysis

Alt-N MDaemon Security Gateway through version 8.5.0 is affected by an XML injection vulnerability (CWE-91) in the SecurityGateway.dll component when it handles the view=login parameter. The flaw carries a CVSS 3.1 base score of 5.3: it is reachable over the network without authentication and can disclose limited information.

An unauthenticated remote attacker can supply crafted XML input to the login view endpoint, resulting in partial confidentiality exposure without user interaction or credentials. The attack vector is rated as low complexity and network-reachable.

Public advisories published by SWASCAN and the vendor Alt-N describe the issue and point to the vendor's product pages for Security Gateway; no explicit patch version or configuration workaround is detailed in the available references. The associated EPSS score rose from lower values to a peak of 0.8534 before receding to the current 0.7287, indicating post-disclosure exploitation interest that later declined.

Vulnerability details

Alt-N MDaemon Security Gateway through 8.5.0 allows SecurityGateway.dll?view=login XML Injection.

CWE(s)

CWE-91: XML Injection (aka Blind XPath Injection)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: altn
Product: securitygateway
Versions: 2.1.0 through 8.5.0

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.