CVE-2025-11195: CWE-20 Improper Input Validation in Rapid7 AppSpider Pro
Rapid7 AppSpider Pro versions below 7.5.021 suffer from a project name validation vulnerability, whereby an attacker can change the project name directly in the configuration file to a name that already exists. This issue stems from a lack of effective verification of the uniqueness of project names when editing them outside the application in affected versions. This vulnerability was remediated in version 7.5.021 of the product.
AI Analysis
Technical Summary
CVE-2025-11195 is a vulnerability in Rapid7 AppSpider Pro versions prior to 7.5.021. The issue arises from improper input validation of project-name uniqueness in the application's configuration files: an attacker with access to those files can manually edit a project name so that it duplicates the name of an existing project. The vulnerability is categorized under CWE-20 (Improper Input Validation) and CWE-345 (Insufficient Verification of Data Authenticity). The root cause is the absence of an effective check that project names remain unique when they are modified outside the application interface. This can lead to conflicts or unintended behavior within the application, allowing an attacker with local access and low privileges to interfere with project configurations. The CVSS v3.1 base score is 3.3 (low severity): attack vector local (AV:L), low attack complexity (AC:L), low privileges required (PR:L), no user interaction (UI:N), low integrity impact (I:L), and no impact on confidentiality or availability. No exploits are known in the wild, and the issue was remediated in version 7.5.021 of AppSpider Pro.
Potential Impact
For European organizations using Rapid7 AppSpider Pro versions below 7.5.021, this vulnerability poses a limited but tangible risk. Since exploitation requires local access and low privileges, the threat is primarily from insider threats or attackers who have already gained some foothold within the network. The impact is mainly on the integrity of project configurations, which could lead to confusion, mismanagement, or potential disruption of vulnerability scanning workflows. This could indirectly affect the accuracy and reliability of security assessments, potentially delaying the detection of other critical vulnerabilities. However, there is no direct impact on confidentiality or availability, and no remote exploitation vector, which limits the scope of the threat. Organizations relying heavily on AppSpider Pro for automated security testing may experience operational inefficiencies or misconfigurations if this vulnerability is exploited.
Mitigation Recommendations
To mitigate this vulnerability, European organizations should prioritize upgrading Rapid7 AppSpider Pro to version 7.5.021 or later, where the issue has been resolved. Until the update is applied, organizations should enforce strict access controls to limit who can access and modify configuration files, ensuring only trusted administrators have such permissions. Monitoring and auditing changes to configuration files can help detect unauthorized modifications. Additionally, implementing file integrity monitoring solutions can alert administrators to unexpected changes in project configuration files. Organizations should also educate users about the risks of manual configuration edits and establish policies to prevent editing configuration files outside the application interface. Finally, segregating duties and using role-based access controls within the application can reduce the risk of low-privilege users exploiting this vulnerability.
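The two controls above, the uniqueness check that affected versions lacked and the file-integrity monitoring recommended as an interim measure, as an added Python example. This is not Rapid7's code and says nothing about AppSpider Pro's real configuration format: the one-JSON-file-per-project layout, the "name" field and the file names are assumptions made for the example.

```python
"""Added example (not Rapid7's code): enforce project-name uniqueness when
loading project configuration files, and detect out-of-band edits to them.

Assumptions (none of this comes from AppSpider Pro itself): each project is
stored as a small JSON file with a "name" field in one directory, and the
application re-reads that directory on start-up.  The layout and field
names are invented for the example.
"""
import hashlib
import json
import os
import tempfile
from typing import Dict, List, Tuple


class DuplicateProjectName(ValueError):
    """Raised when two configuration files claim the same project name."""


def load_projects(config_dir: str) -> Dict[str, dict]:
    """Load every *.json project file and reject duplicate names.

    Names are compared case-insensitively after trimming whitespace, so that
    "Web App" and "web app " cannot coexist as two distinct projects.
    """
    projects: Dict[str, dict] = {}
    seen: Dict[str, str] = {}  # normalised name -> file that first used it
    for fname in sorted(os.listdir(config_dir)):
        if not fname.endswith(".json"):
            continue
        path = os.path.join(config_dir, fname)
        with open(path, encoding="utf-8") as fh:
            cfg = json.load(fh)
        name = cfg.get("name")
        if not isinstance(name, str) or not name.strip():
            raise ValueError(f"{fname}: project name missing or empty")
        key = name.strip().casefold()
        if key in seen:
            raise DuplicateProjectName(
                f"{fname}: project name {name!r} already used by {seen[key]}")
        seen[key] = fname
        projects[name.strip()] = cfg
    return projects


def snapshot(config_dir: str) -> Dict[str, str]:
    """Return {file name: SHA-256 hex digest} for the config directory.

    Stored by the application after it last wrote the files, this is the
    baseline a file-integrity check compares against.
    """
    digests: Dict[str, str] = {}
    for fname in sorted(os.listdir(config_dir)):
        path = os.path.join(config_dir, fname)
        with open(path, "rb") as fh:
            digests[fname] = hashlib.sha256(fh.read()).hexdigest()
    return digests


def changed_files(baseline: Dict[str, str], current: Dict[str, str]) -> List[str]:
    """Files whose digest differs from the baseline, plus added/removed ones."""
    return sorted(f for f in set(baseline) | set(current)
                  if baseline.get(f) != current.get(f))


def demo() -> Tuple[List[str], str]:
    """Constructed scenario: two valid projects, then an out-of-band rename
    that collides with an existing name.  Returns the list of changed files
    and the error message the loader produces."""
    with tempfile.TemporaryDirectory() as d:
        for fname, name in (("p1.json", "Intranet"), ("p2.json", "Web Shop")):
            with open(os.path.join(d, fname), "w", encoding="utf-8") as fh:
                json.dump({"name": name, "target": "https://example.invalid"}, fh)
        load_projects(d)            # two distinct names: loads fine
        baseline = snapshot(d)

        # Simulate an edit made outside the application interface: the
        # second project is renamed to a variant of the first project's name.
        with open(os.path.join(d, "p2.json"), "w", encoding="utf-8") as fh:
            json.dump({"name": "intranet ", "target": "https://example.invalid"}, fh)

        changed = changed_files(baseline, snapshot(d))   # integrity check
        try:
            load_projects(d)                             # uniqueness check
            error = ""
        except DuplicateProjectName as exc:
            error = str(exc)
    return changed, error


if __name__ == "__main__":
    print(demo())
```

The integrity snapshot tells an administrator that p2.json was touched outside the application; the loader then refuses to start with the colliding name instead of silently carrying two projects called "Intranet". Normalising the name before comparison matters: a check that only compares raw strings would still accept the trailing-space variant used in the scenario.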
Affected Countries
Germany, United Kingdom, France, Netherlands, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: rapid7
- Date Reserved: 2025-09-30T17:32:18.535Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68dc1e4eda058bed8e684ea4
Added to database: 9/30/2025, 6:15:42 PM
Last enriched: 9/30/2025, 6:16:17 PM
Last updated: 10/2/2025, 1:04:25 AM
Related Threats
- CVE-2025-61692: Use after free in KEYENCE CORPORATION VT STUDIO (High)
- CVE-2025-61690: Buffer underwrite ('Buffer underflow') in KEYENCE CORPORATION KV STUDIO (High)
- CVE-2025-9587: CWE-89 SQL Injection in CTL Behance Importer Lite (Medium)
- CVE-2025-56019: n/a (High)
- CVE-2025-59409: n/a (High)