KEVIntel
4.3
CVSS
Medium

CVE-2025-48926

PUBLISHED

The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone...

Remote Low complexity No user interaction
Vendor
TeleMessage
Product
service
Published
May 28, 2025
EPSS

Automate this intelligence with the Pro API

Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.

Description

The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers.

Weaknesses (CWE)

  • Authentication Bypass Using an Alternate Path or Channel

CVSS scores

CVSS v3.1 4.3 Medium

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Exploitation status

No exploitation signals recorded yet.

Timeline

  • CVE ID Reserved

  • CVE Published to Public