
CVE-2025-48479: CWE-841: Improper Enforcement of Behavioral Workflow in freescout-help-desk freescout

High
Tags: Vulnerability, CVE-2025-48479, CWE-841
Published: Fri May 30 2025 (05/30/2025, 04:34:09 UTC)
Source: CVE Database V5
Vendor/Project: freescout-help-desk
Product: freescout

Description

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the laravel-translation-manager package does not correctly validate user input, enabling the deletion of any directory, given sufficient access rights. This issue has been patched in version 1.8.180.

AI-Powered Analysis

Last updated: 07/07/2025, 20:44:55 UTC

Technical Analysis

CVE-2025-48479 is a high-severity vulnerability in FreeScout, a free self-hosted help desk and shared mailbox application. It is classified as improper enforcement of behavioral workflow (CWE-841) and lives in the laravel-translation-manager package bundled with FreeScout versions prior to 1.8.180. The package does not correctly validate user-supplied input before acting on it, so an authenticated user with sufficiently high privileges can make the application delete any directory the web server account can remove, not only the translation directories the feature is meant to manage. Because the deletion runs with the permissions of the process serving FreeScout, it can remove application code, configuration or storage, which degrades integrity and availability up to a full denial of service and permanent data loss. Exploitation happens over the network through the normal web interface and needs no interaction from another user, but it does require those elevated privileges; this is not an unauthenticated issue, and the attacker must already hold or have compromised a high-privilege account. The CVSS 4.0 base score reported for this entry is 8.5. FreeScout 1.8.180 fixes the issue by adding the missing input validation. No exploitation in the wild has been reported, but the low complexity of the attack once a privileged account is available makes patching a priority for anyone running an older version.
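The defect class described above, as an added illustrative example in PHP (the language FreeScout is written in). This is not code from FreeScout or from laravel-translation-manager; the class, method and directory names are assumptions made for the example. It places a delete routine that trusts a caller-supplied locale name next to one that allow-lists the name, canonicalizes the path with realpath() and refuses anything that resolves outside the language root:

```php
<?php
// Added example, not code from FreeScout or laravel-translation-manager.
// Names (LocaleDirectoryCleaner, deleteLocaleUnsafe, deleteLocaleSafe, $langRoot)
// are assumptions. Requires PHP 8.0+ (constructor property promotion).
declare(strict_types=1);

final class LocaleDirectoryCleaner
{
    public function __construct(private string $langRoot) {}

    // Vulnerable pattern: a caller-controlled name is concatenated into a path and
    // removed recursively. A value such as "../../storage" (or an absolute path)
    // escapes $langRoot and deletes whatever the web server account may remove.
    public function deleteLocaleUnsafe(string $locale): void
    {
        self::rrmdir($this->langRoot . '/' . $locale);
    }

    // Hardened pattern: allow-list the locale syntax, resolve the real path, and
    // require that the result stays strictly inside the canonical language root.
    public function deleteLocaleSafe(string $locale): void
    {
        // Only shapes like "de", "pt_BR" or "en-US" are acceptable locale names.
        if (!preg_match('/\A[a-z]{2,3}(?:[_-][A-Za-z]{2,4})?\z/', $locale)) {
            throw new InvalidArgumentException("Invalid locale name: {$locale}");
        }
        $root   = realpath($this->langRoot);
        $target = realpath($this->langRoot . DIRECTORY_SEPARATOR . $locale);
        if ($root === false || $target === false) {
            throw new RuntimeException('Locale directory does not exist');
        }
        // Containment: $target must begin with "$root/" so a sibling directory whose
        // name merely starts with the root's name is also rejected.
        if (strncmp($target, $root . DIRECTORY_SEPARATOR, strlen($root) + 1) !== 0) {
            throw new RuntimeException('Refusing to delete outside the language root');
        }
        self::rrmdir($target);
    }

    // Recursive delete: children first, then the directory itself.
    private static function rrmdir(string $dir): void
    {
        if (!is_dir($dir)) {
            return;
        }
        $items = new RecursiveIteratorIterator(
            new RecursiveDirectoryIterator($dir, FilesystemIterator::SKIP_DOTS),
            RecursiveIteratorIterator::CHILD_FIRST
        );
        foreach ($items as $item) {
            $item->isDir() ? rmdir($item->getPathname()) : unlink($item->getPathname());
        }
        rmdir($dir);
    }
}

// Demonstration on a constructed temporary tree (not real FreeScout data).
$base = sys_get_temp_dir() . '/ltm-demo-' . bin2hex(random_bytes(4));
mkdir("$base/resources/lang/de", 0700, true);
mkdir("$base/storage", 0700, true);
touch("$base/storage/important.txt");

$cleaner = new LocaleDirectoryCleaner("$base/resources/lang");

try {
    $cleaner->deleteLocaleSafe('../../storage');      // traversal attempt
} catch (InvalidArgumentException $e) {
    echo "blocked: {$e->getMessage()}\n";
}
$cleaner->deleteLocaleSafe('de');                     // legitimate locale
printf("lang/de removed: %s\n", is_dir("$base/resources/lang/de") ? 'no' : 'yes');
printf("storage intact:  %s\n", file_exists("$base/storage/important.txt") ? 'yes' : 'no');

// The unsafe variant performs the same traversal without complaint.
$cleaner->deleteLocaleUnsafe('../../storage');
printf("storage intact after unsafe call: %s\n",
    file_exists("$base/storage/important.txt") ? 'yes' : 'no');
```

Two details matter in the hardened version. The allow-list runs before realpath() because realpath() returns false for a path that does not exist, and rejecting on syntax first gives a clearer error and avoids touching the filesystem with attacker-shaped input. The containment check compares against the root plus a trailing separator, and since realpath() resolves symlinks, a locale directory that is itself a symlink pointing outside the root is also refused.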

Potential Impact

For European organizations, this vulnerability is a significant risk for anyone relying on FreeScout for customer support or internal ticketing. Exploitation can delete important directories, causing service outages, loss of ticket and attachment data, and disruption of business operations. The impact is primarily on integrity (unauthorized removal of application and system files) and availability (denial of service and data loss); deleting data does not by itself disclose it, so confidentiality is only at risk indirectly, for example if the deletion is used to cover other activity. Organizations in finance, healthcare and public administration, which often manage sensitive correspondence through help desk software and depend on it for operational continuity, may face regulatory and reputational consequences if affected. The absence of known exploits does not rule out targeted attacks, particularly from insiders or from attackers who have already obtained a high-privilege FreeScout account. Because FreeScout is a widely self-hosted open-source platform, the vulnerability broadens the attack surface for European SMEs and enterprises that run it themselves.

Mitigation Recommendations

European organizations should verify their FreeScout version and upgrade to 1.8.180 or later, where the vulnerability is patched. If an immediate upgrade is not possible, restrict access to the FreeScout instance to trusted administrators, reduce the number of accounts holding the privileges needed to reach translation management, and review those accounts for shared or weak credentials. Run the web server process as a dedicated account with write access limited to the directories FreeScout actually needs, so that an attempted deletion outside them fails at the filesystem rather than succeeding; this is defense in depth and does not replace the upgrade. Monitor for unexpected use of translation management features and for sudden disappearance of application or storage directories. Keep regular, tested backups of FreeScout data and configuration so a deleted directory can be restored. Audit third-party packages integrated with FreeScout for similar input validation weaknesses. Application-layer firewalls or runtime application self-protection (RASP) tools can add a layer of detection for path traversal patterns, but because the attacker here is already a privileged user, they are a secondary control. Finally, follow FreeScout and related package release announcements so future security patches are applied promptly.


Technical Details

Data Version: 5.1
Assigner Short Name: GitHub_M
Date Reserved: 2025-05-22T12:11:39.118Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 683937b2182aa0cae29e5f90

Added to database: 5/30/2025, 4:44:34 AM

Last enriched: 7/7/2025, 8:44:55 PM

Last updated: 7/31/2025, 8:59:17 PM

