CVE-2025-48208 · HIGH 8.8 · EPSS p43.5%

Description

Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection') vulnerability in Apache HertzBeat. The attacker needs to have an authenticated account with access, and the attack can only be triggered by crafting custom commands. A successful attack would result in arbitrary script execution. This issue affects Apache HertzBeat: through 1.7.2. Users are recommended to upgrade to version [1.7.3], which fixes the issue.

Scoring

CVSS 3.1: 8.8 (HIGH)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.59% probability of exploitation · percentile 43.5% · 2026-06-18T12:00:27Z
Published: 2025-09-09
Last modified: 2025-11-04

Underlying weaknesses · 1

CWE-90

References

  1. https://lists.apache.org/thread/3zrr3oo67pxxx7wgzj80kglltfshngn2
  2. http://www.openwall.com/lists/oss-security/2025/09/06/5

Type | Target | Confidence | Tier
Weakness | Improper Neutralization of Special Elements used in an LDAP Query ('LDAP Injection'), cwe-90 | 0% | live

Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE-2026-24343
CVE-2025-24404
CVE-2026-41919
CVE-2025-4784
CVE-2025-31637
CVE-2025-39484

Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.