Cyber Resilience

CVE-2025-2652

MediumPublic PoC

Published: 23 March 2025

Published
23 March 2025
Modified
26 March 2025
KEV Added
Patch
CVSS Score v4 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0020 41.5th percentile
Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-2652 is a medium-severity Exposure of Information Through Directory Listing (CWE-548) vulnerability in Oretnom23 Employee And Visitor Gate Pass Logging System. Its CVSS base score is 6.9 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique File and Directory Discovery (T1083); ranked at the 41.5th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-22 (Publicly Accessible Content) and CM-6 (Configuration Settings).

Deeper analysis

CVE-2025-2652 is a vulnerability in SourceCodester Employee and Visitor Gate Pass Logging System 1.0, classified as problematic due to exposure of information through directory listing. It affects an unknown functionality across multiple sub-directories, enabling remote attackers to access sensitive directory contents without authentication.

The vulnerability can be exploited remotely by unauthenticated attackers with low complexity and no user interaction required, as indicated by its CVSS v3.1 base score of 5.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). Successful exploitation allows attackers to view directory listings, potentially disclosing file names, paths, or other configuration details that could aid further reconnaissance or attacks.

Advisories recommend changing configuration settings to mitigate the issue, such as disabling directory listing on affected web servers. The exploit has been publicly disclosed, with details available on platforms like GitHub and VulDB, increasing the risk of widespread use.

EU & UK References

Vulnerability details

A vulnerability has been found in SourceCodester Employee and Visitor Gate Pass Logging System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to exposure of information through directory listing. The attack can…

more

be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to change the configuration settings. Multiple sub-directories are affected.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1083 File and Directory Discovery Discovery
Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system.
Why these techniques?

The directory listing exposure directly enables remote unauthenticated File and Directory Discovery (T1083) by disclosing file names, paths, and configuration details.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-2038Shared CWE-548, CWE-552
CVE-2026-26706Same vendor: Oretnom23
CVE-2025-2387Same vendor: Oretnom23
CVE-2025-2655Same vendor: Oretnom23
CVE-2026-3746Same vendor: Oretnom23
CVE-2025-2654Same vendor: Oretnom23
CVE-2026-30530Same vendor: Oretnom23
CVE-2026-30532Same vendor: Oretnom23
CVE-2026-26705Same vendor: Oretnom23
CVE-2026-26707Same vendor: Oretnom23

Affected Assets

oretnom23
employee and visitor gate pass logging system
1.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Establishes and enforces secure configuration settings on web servers to disable directory listing, directly preventing remote exposure of directory contents in the affected sub-directories.

prevent

Restricts web servers to least functionality by prohibiting unnecessary features like directory browsing, mitigating the information disclosure vulnerability.

prevent

Controls and reviews publicly accessible content to ensure directory listings do not expose sensitive file names, paths, or configuration details without authorization.

References