CVE-2025-12547
Published: 31 October 2025
Summary
CVE-2025-12547 is a low-severity Improper Restriction of Excessive Authentication Attempts (CWE-307) vulnerability in Logicaldoc Logicaldoc. Its CVSS base score is 2.9 (Low).
Operationally, exploitation aligns with the MITRE ATT&CK technique Brute Force (T1110); ranked at the 40.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-7 (Unsuccessful Logon Attempts) and AC-3 (Access Enforcement).
Deeper analysis
CVE-2025-12547 is a vulnerability in LogicalDOC Community Edition up to version 9.2.1, affecting unknown code in the /login.jsp file of the Admin Login Page component. It stems from improper restriction of excessive authentication attempts, mapped to CWE-307 (Improper Restriction of Excessive Authentication Attempts) and CWE-799 (Improper Control of Interaction Frequency). The issue carries a CVSS v3.1 base score of 3.7 (AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N) and was published on 2025-10-31.
Remote unauthenticated attackers can exploit this vulnerability over the network without user interaction, though it requires high attack complexity, making exploitability difficult. Successful exploitation results in low-impact confidentiality disclosure, with no effects on integrity or availability.
VulDB advisories detail the issue and note that an exploit is publicly available via a GitHub Gist. The vendor was contacted early regarding disclosure but provided no response, and no patches or official mitigations are referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-37396
Vulnerability details
A vulnerability was identified in LogicalDOC Community Edition up to 9.2.1. This vulnerability affects unknown code of the file /login.jsp of the component Admin Login Page. Such manipulation leads to improper restriction of excessive authentication attempts. The attack can be executed remotely. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit is publicly available and might be used. The vendor was contacted early about this disclosure but did not respond in any way.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Vulnerability involves improper restriction of excessive authentication attempts, directly enabling brute-force attacks (T1110) on the admin login.
Mitigating Controls (NIST 800-53 r5)
- AC-7 (Unsuccessful Logon Attempts): Directly enforces limits on consecutive unsuccessful logon attempts to the /login.jsp admin page, blocking the brute-force vector described in CVE-2025-12547.
- AC-3 (Access Enforcement): Enforces the underlying access-control policy that should have rejected excessive authentication attempts against the login component.
- Authentication event monitoring: Enables monitoring of authentication events on the exposed login page so that repeated failed attempts can be identified in real time.
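A detection routine of the kind the monitoring control above calls for, added here as an example and not taken from LogicalDOC or from the advisory: it scans constructed web-server access-log lines (the log format, a 401 status marking a failed login and a 302 marking a successful one are all assumptions, not LogicalDOC's real logging) and flags any source that accumulates five failed POSTs to /login.jsp inside a 15-minute sliding window, clearing a source's failure history on success the way an AC-7 lockout counter would.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log in a common-log-like layout (assumption: not LogicalDOC's own format).
# 203.0.113.5 fails six times in a row, then once more half an hour later;
# 198.51.100.7 fails once, then logs in (302) and browses normally.
SAMPLE_LOG = """\
203.0.113.5 - - [31/Oct/2025:10:00:01 +0000] "POST /login.jsp HTTP/1.1" 401 512
203.0.113.5 - - [31/Oct/2025:10:00:02 +0000] "POST /login.jsp HTTP/1.1" 401 512
203.0.113.5 - - [31/Oct/2025:10:00:03 +0000] "POST /login.jsp HTTP/1.1" 401 512
203.0.113.5 - - [31/Oct/2025:10:00:04 +0000] "POST /login.jsp HTTP/1.1" 401 512
203.0.113.5 - - [31/Oct/2025:10:00:05 +0000] "POST /login.jsp HTTP/1.1" 401 512
203.0.113.5 - - [31/Oct/2025:10:00:06 +0000] "POST /login.jsp HTTP/1.1" 401 512
198.51.100.7 - - [31/Oct/2025:10:00:07 +0000] "POST /login.jsp HTTP/1.1" 401 512
198.51.100.7 - - [31/Oct/2025:10:00:08 +0000] "POST /login.jsp HTTP/1.1" 302 0
198.51.100.7 - - [31/Oct/2025:10:00:09 +0000] "GET /index.jsp HTTP/1.1" 200 2048
203.0.113.5 - - [31/Oct/2025:10:30:00 +0000] "POST /login.jsp HTTP/1.1" 401 512
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3})')

def parse(line):
    """Return (ip, timestamp, method, path, status) or None for a line that does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return m["ip"], ts, m["method"], m["path"], int(m["status"])

def detect_bruteforce(lines, threshold=5, window=timedelta(minutes=15), login_path="/login.jsp"):
    """Flag each source IP once per burst when it reaches `threshold` failed POSTs to
    `login_path` within `window`. A non-401 response to the login POST (assumed to be a
    successful login) resets that source's counter, mirroring an AC-7 lockout counter.
    Returns a list of (ip, timestamp of the triggering failure, failures in window)."""
    failures = defaultdict(deque)   # ip -> timestamps of recent failed attempts
    alerted = set()                 # ips already reported for the current burst
    alerts = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ip, ts, method, path, status = rec
        if method != "POST" or path != login_path:
            continue
        recent = failures[ip]
        if status == 401:
            recent.append(ts)
            while recent and ts - recent[0] > window:   # drop attempts outside the window
                recent.popleft()
            if len(recent) >= threshold and ip not in alerted:
                alerts.append((ip, ts, len(recent)))
                alerted.add(ip)
        else:
            recent.clear()          # successful login: reset the counter for this source
            alerted.discard(ip)
    return alerts
```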