CVE-2025-48928 | TeleMessage Service up to 2025-05-05 JSP Application exposure of core dump file to an unauthorized control sphere

A vulnerability was found in TeleMessage Service up to 2025-05-05. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component JSP Application. The manipulation leads to exposure of core dump file to an unauthorized control sphere.

This vulnerability is known as CVE-2025-48928. Attacking locally is a requirement. Furthermore, there is an exploit available.

This product is available as a managed service. Users are not able to maintain vulnerability countermeasures themselves.

CVE-2025-48928 | TeleMessage Service up to 2025-05-05 JSP Application exposure of core dump file to an unauthorized control sphere

Post correlati

CVE-2025-2170 | SonicWall SMA1000 up to 12.4.3-02907 server-side request forgery (SNWLID-2025-0008)

CVE-2024-33897 | HMS Cosy+ 2024 certificate validation

CVE-2024-47102 | IBM AIX/VIOS perfstat Kernel Extension denial of service

CVE-2024-57989 | Linux Kernel up to 6.12.12/6.13.1 mt76 mt7925_change_vif_links null pointer dereference