CVE-2025-43880: Inefficient regular expression complexity in GROWI, Inc. GROWI

Medium
Published: Wed Jun 25 2025 (06/25/2025, 05:31:29 UTC)
Source: CVE Database V5
Vendor/Project: GROWI, Inc.
Product: GROWI

Description

Inefficient regular expression complexity issue exists in GROWI prior to v7.1.6. If exploited, a logged-in user may cause a denial of service (DoS) condition.

AI-Powered Analysis

Last updated: 06/25/2025, 06:04:19 UTC

Technical Analysis

CVE-2025-43880 is a vulnerability identified in GROWI, Inc.'s GROWI software versions prior to 7.1.6. The issue stems from inefficient regular expression complexity within the application, which a logged-in user can exploit to trigger a denial of service (DoS) condition. Specifically, the vulnerability arises when the application processes certain inputs that cause the regular expression engine to consume excessive CPU time, leading to performance degradation or complete service unavailability. This class of vulnerability is commonly referred to as a Regular Expression Denial of Service (ReDoS). The CVSS v3.0 base score is 4.3, a medium severity rating. The vector string (AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L) indicates that the attack can be launched remotely over the network with low attack complexity, requires low privileges (a logged-in user), does not require user interaction, leaves the scope unchanged, and has a low impact on availability only, with no effect on confidentiality or integrity. No known exploits are currently reported in the wild, and no patch or mitigation links were provided in the source data, though the issue is fixed in version 7.1.6 and later. The vulnerability's impact is limited to denial of service, which could disrupt normal operation of GROWI instances and the collaboration and documentation workflows that depend on the platform.

Potential Impact

For European organizations using GROWI, particularly those relying on it for internal documentation, knowledge sharing, or collaborative workflows, this vulnerability poses a risk of service disruption. A successful exploitation could degrade system responsiveness or cause outages, impacting productivity and potentially delaying critical business processes. Since the attack requires authenticated access, the threat is primarily from insider threats or compromised user accounts. Organizations with large user bases or those integrating GROWI into critical operational environments may experience amplified effects. The denial of service could also affect regulatory compliance if documentation access is mandated for audit or operational continuity. However, the lack of impact on confidentiality or integrity reduces risks related to data breaches or manipulation. The medium severity suggests that while the threat is not critical, it should not be ignored, especially in environments where availability is crucial.

Mitigation Recommendations

Upgrade GROWI installations to version 7.1.6 or later, where this vulnerability is addressed. Implement strict access controls and monitor user activities to detect unusual patterns that may indicate attempts to exploit the vulnerability. Apply rate limiting or input validation on user-submitted content to reduce the risk of triggering inefficient regular expressions. Use Web Application Firewalls (WAFs) with custom rules to detect and block suspicious payloads targeting regular expression processing. Conduct regular security audits and vulnerability scans focusing on GROWI deployments to identify outdated versions or misconfigurations. Educate users on secure usage practices and the importance of safeguarding their credentials to prevent unauthorized access. Consider isolating GROWI instances in segmented network zones to limit the impact of potential DoS attacks on broader infrastructure.


Technical Details

Data Version: 5.1
Assigner Short Name: jpcert
Date Reserved: 2025-06-13T01:56:06.794Z
CVSS Version: 3.0
State: PUBLISHED

Threat ID: 685b8ddc66faf0c1de3bc61d

Added to database: 6/25/2025, 5:49:16 AM

Last enriched: 6/25/2025, 6:04:19 AM

Last updated: 6/25/2025, 7:55:35 AM
