CVE-2025-67805

| EUVD-2025-209164 MEDIUM
2026-04-01 mitre
5.9
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

3
Analysis Generated
Apr 01, 2026 - 15:30 vuln.today
EUVD ID Assigned
Apr 01, 2026 - 15:30 euvd
EUVD-2025-209164
CVE Published
Apr 01, 2026 - 00:00 nvd
MEDIUM 5.9

Tags

Authentication Bypass

Description

A non-default configuration in Sage DPW 2025_06_004 allows unauthenticated access to diagnostic endpoints within the Database Monitor feature, exposing sensitive information such as hashes and table names. This feature is disabled by default in all installations and never available in Sage DPW Cloud. It was forcibly disabled again in version 2025_06_003.

Analysis

Unauthenticated access to diagnostic endpoints in Sage DPW 2025_06_004 Database Monitor feature discloses sensitive information including password hashes and database table names when non-default configuration is enabled. The vulnerability affects only installations with this feature explicitly enabled (disabled by default); Sage DPW Cloud is not vulnerable. This configuration was forcibly disabled in version 2025_06_003, indicating a prior history of this issue. EPSS score of 5.9 reflects moderate exploitation probability despite unauthenticated network accessibility.

Technical Context

The Database Monitor feature in Sage DPW exposes diagnostic endpoints that were designed for administrative monitoring purposes. When this feature is enabled via non-default configuration, these endpoints become accessible without authentication due to insufficient access control validation. The endpoints disclose sensitive cryptographic material (password hashes) and database structural information (table names), both valuable for further attack progression. The CWE classification is not specified in available data, but the root cause involves inadequate authentication checks on diagnostic functionality. The fact that the feature is disabled by default and was forcibly disabled again in 2025_06_003 suggests this endpoint exposure represents a regression or configuration drift risk.

Affected Products

Sage DPW version 2025_06_004 is affected when the Database Monitor feature is explicitly enabled through non-default configuration. Sage DPW Cloud deployments are explicitly not vulnerable. The vulnerability was previously present and was forcibly disabled in version 2025_06_003. Sage DPW version 2025_06_002 and earlier versions that include the Database Monitor feature may share the same vulnerability if the feature is enabled. Exact version ranges and CPE precision are limited; vendor advisory at https://www.sagedpw.at/ should be consulted for definitive affected version enumeration.

Remediation

Primary remediation is to upgrade to Sage DPW version 2025_06_003 or later, which forcibly disables this diagnostic endpoint configuration by default. For organizations requiring Database Monitor functionality, consult Sage DPW security advisories (https://www.sagedpw.at/) for any updated hardened configuration guidance or authentication controls released post-2025_06_003. Immediate mitigation for 2025_06_004 deployments is to disable the Database Monitor feature entirely through configuration management, ensuring it remains in the default disabled state. Network segmentation can provide defense-in-depth by restricting access to Sage DPW administrative interfaces to trusted internal networks only. No workarounds that maintain Database Monitor functionality while securing the endpoint are documented in available intelligence.

Priority Score

30
Low Medium High Critical
KEV: 0
EPSS: +0.0
CVSS: +30
POC: 0

Share

CVE-2025-67805 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy