Cyber Posture

CVE-2025-1845

Medium

Published: 03 March 2025

Published
03 March 2025
Modified
28 May 2025
KEV Added
Patch
CVSS Score 6.3 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
EPSS Score 0.0077 73.7th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-1845 is a medium-severity Injection (CWE-74) vulnerability in Esafenet Dsm. Its CVSS base score is 6.3 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 26.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190) and 1 other technique. What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-10 Information Input Validation good match
prevent

Directly validates and sanitizes the 's' argument in the examExportPDF function to prevent command injection exploitation.

SI-2 Flaw Remediation good match
prevent

Requires identification, reporting, and remediation of the command injection flaw in ESAFENET DSM 3.1.2 to eliminate the vulnerability.

SI-9 Information Input Restrictions partial match
prevent

Restricts the type, size, and quantity of the 's' argument inputs to block malicious command injection payloads.

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
T1059 Command and Scripting Interpreter Execution
Adversaries may abuse command and script interpreters to execute commands, scripts, or binaries.
attack.mitre.org →
Why these techniques?

Command injection in public-facing web function directly enables remote exploitation (T1190) and arbitrary command execution via system interpreter (T1059).

Confidence: HIGH · MITRE ATT&CK Enterprise v18.1

NVD Description

A vulnerability has been found in ESAFENET DSM 3.1.2 and classified as critical. Affected by this vulnerability is the function examExportPDF of the file /admin/plan/examExportPDF. The manipulation of the argument s leads to command injection. The attack can be launched…

more

remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Deeper analysisAI

CVE-2025-1845 is a command injection vulnerability classified as critical in ESAFENET DSM version 3.1.2. The flaw affects the examExportPDF function in the /admin/plan/examExportPDF file, where manipulation of the "s" argument triggers the injection. It is remotely exploitable and has been assigned CWEs CWE-74 and CWE-77, with a CVSS v3.1 base score of 6.3 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

An attacker with low privileges (PR:L) can exploit this vulnerability over the network with low complexity. No user interaction is required, and exploitation leads to limited impacts on confidentiality, integrity, and availability, such as potential execution of arbitrary commands within the context of the affected component.

Advisories from VulDB and GitHub disclosures indicate that the exploit has been publicly released and may be actively used. The vendor was contacted early regarding the issue but provided no response, and no patches or mitigations are mentioned in the available references.

Details

CWE(s)
CWE-74CWE-77

Affected Products

esafenet
dsm
3.1.2

CVEs Like This One

CVE-2025-0789Same vendor: Esafenet
CVE-2025-0791Same vendor: Esafenet
CVE-2025-1840Same vendor: Esafenet
CVE-2025-1844Same vendor: Esafenet
CVE-2025-0786Same vendor: Esafenet
CVE-2025-0792Same vendor: Esafenet
CVE-2025-2927Same vendor: Esafenet
CVE-2025-1841Same vendor: Esafenet
CVE-2025-0788Same vendor: Esafenet
CVE-2025-0793Same vendor: Esafenet

References