CVE-2025-24011

MEDIUM

Umbraco CMS 14.0.0-14.3.1 - Unauthenticated User Enumeration via Management API Response Analysis

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-24011. PoCs published by Puben.

AI-analyzed exploit summary: This PoC exploits a timing-based username enumeration vulnerability in Umbraco CMS by measuring response times for login attempts. It builds a statistical model of incorrect login timings and compares them to identify valid usernames.

Description

Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, it's possible to determine whether an account exists based on an analysis of response codes and timing of Umbraco management API responses. Versions 14.3.2 and 15.1.2 contain a patch. No known workarounds are available.

Exploits (1)

nomisec · WORKING POC · 1 star
by Puben · poc
https://github.com/Puben/CVE-2025-24011-PoC

Classification
Working PoC 90%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: Umbraco CMS versions 15.1.1, 13.7.2, and others
No auth needed
Prerequisites: Network access to the Umbraco login endpoint · List of potential usernames (emails)
devstral-2 · analyzed Feb 16, 2026

Scores

CVSS v3 5.3
EPSS 0.4159
EPSS Percentile 97.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-200 CWE-203
Status published
Products (2)
nuget/Umbraco.Cms 14.0.0 - 14.3.2 (NuGet)
umbraco/umbraco_cms 14.0.0 - 14.3.2
Published Jan 21, 2025
Tracked Since Feb 18, 2026