COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2025-48928

CVE-2025-48928

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-07-01
Reference
https://nvd.nist.gov/vuln/detail/CVE-2025-48928
⌖ exploited in the wild shame 50/100 exploited-in-wild

TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be inc

Players implicated

TeleMessage · vendorTM SGNL · product

Description

TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.