CVE-2025-48045: CWE-201 Insertion of Sensitive Information Into Sent Data in MICI Network Co. Ltd. NetFax Server
An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials.
AI Analysis
Technical Summary
CVE-2025-48045 is a high-severity vulnerability in MICI Network Co. Ltd.'s NetFax Server. It is categorized under CWE-201 (Insertion of Sensitive Information Into Sent Data). An unauthenticated attacker can send an HTTP GET request to the /client.php endpoint of the NetFax Server and receive a response containing the default administrator user credentials, obtaining privileged access information without any authentication and effectively bypassing access controls. The vulnerability has a CVSS 4.0 base score of 8.7, reflecting a network attack vector, no required privileges, no user interaction, and complete confidentiality compromise. The vulnerability affects version 0 of the product, which likely refers to an initial or early release. No patches or known exploits in the wild have been reported yet. The core technical issue is that sensitive credentials are embedded in server responses to unauthenticated requests, exposing the system to credential disclosure and subsequent unauthorized access or lateral movement within the network.
Potential Impact
For European organizations using MICI Network Co. Ltd.'s NetFax Server, this vulnerability poses a significant risk. Disclosure of default administrator credentials can lead to full administrative control over the fax server, enabling attackers to intercept, modify, or delete fax communications, which may contain sensitive or regulated information. This can result in breaches of confidentiality and integrity, potentially violating GDPR and other data protection regulations. Moreover, compromised fax servers can serve as pivot points for further network intrusion, increasing the risk of ransomware or espionage attacks. The unauthenticated nature of the exploit means attackers can remotely target vulnerable servers without prior access, increasing the attack surface. Given the critical role fax servers may still play in certain regulated industries such as healthcare, legal, and government sectors in Europe, the impact could be severe, including operational disruption and reputational damage.
Mitigation Recommendations
Immediate mitigation should focus on restricting access to the /client.php endpoint to trusted internal networks only, using network segmentation and firewall rules. Organizations should disable or change default administrator credentials if possible, even before patches are available. Monitoring and logging HTTP requests to detect suspicious access patterns targeting /client.php can help identify exploitation attempts. Since no patches are currently available, organizations should consider isolating or decommissioning vulnerable NetFax Server instances until a vendor fix is released. Employing web application firewalls (WAFs) with custom rules to block unauthenticated requests to sensitive endpoints can provide an additional layer of defense. Finally, organizations should engage with MICI Network Co. Ltd. for timely updates and patches and plan for rapid deployment once available.
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Belgium, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: rapid7
- Date Reserved: 2025-05-15T13:38:26.770Z
- CVSS Version: 4.0
- State: PUBLISHED
Threat ID: 68385671182aa0cae27ce98f
Added to database: 5/29/2025, 12:43:29 PM
Last enriched: 7/8/2025, 3:39:36 AM
Last updated: 8/9/2025, 4:19:52 AM
Related Threats
- CVE-2025-8464: CWE-23 Relative Path Traversal in glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 (Medium)
- CVE-2025-7499: CWE-862 Missing Authorization in wpdevteam BetterDocs – Advanced AI-Driven Documentation, FAQ & Knowledge Base Tool for Elementor & Gutenberg with Encyclopedia, AI Support, Instant Answers (Medium)
- CVE-2025-8898: CWE-862 Missing Authorization in magepeopleteam E-cab Taxi Booking Manager for Woocommerce (Critical)
- CVE-2025-8896: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor (Medium)
- CVE-2025-8089: CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in mdempfle Advanced iFrame (Medium)