CVE-2025-49825
CRITICAL NUCLEITeleport <= 17.5.1 - Unauthenticated Remote Authentication Bypass
Title source: llmExploitation Summary
CVE-2025-49825 has a Nuclei detection template available — see the Nuclei card below for the Shodan/FOFA recon queries.
Description
Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch.
Nuclei Templates (1)
Teleport - Authentication Bypass
CRITICALVERIFIEDby pdteam
Shodan:
http.favicon.hash:544208100 || http.favicon.hash:1854879765 || http.favicon.hash:-1275955539 || Set-Cookie: __Host-grv_csrf
FOFA:
icon_hash="544208100" || icon_hash="1854879765" || icon_hash="-1275955539" || Set-Cookie: __Host-grv_csrf
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://github.com/gravitational/teleport/security/advisories/GHSA-8cqv-pj7f-pwpc
Scores
CVSS v3
9.8
EPSS
0.0775
EPSS Percentile
93.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
total
Details
CWE
CWE-863
Status
published
Products (3)
gravitational/teleport
17.0.0 - 17.5.2Go
gravitational/teleport
<= 0.0.0-20250616162021-79b2f26125a1
gravitational/teleport
<= 17.5.1
Published
Jun 17, 2025
Tracked Since
Feb 18, 2026