CVE-2025-5605
Severity: MEDIUM | Tags: EXPLOITED, NUCLEI
WSO2 API Control Plane - Authentication Bypass via Request URI Manipulation
Title source: llm
Exploitation Summary
CVE-2025-5605 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.
Description
An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.
Nuclei Templates (1)
WSO2 Management Console - Authentication Bypass
MEDIUM | VERIFIED | by DhiyaneshDK
Shodan query: http.favicon.hash:1398055326
References (1)
Core References
Vendor Advisory: https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/
Scores
CVSS v3: 4.3
EPSS: 0.0621
EPSS Percentile: 91.1%
Attack Vector: ADJACENT_NETWORK
CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: partial
Details
VulnCheck KEV: 2025-11-28
CWE: CWE-290
Status: published
Products (22)
wso2/api_control_plane 4.5.0
wso2/api_manager 3.1.0
wso2/api_manager 3.2.0
wso2/api_manager 3.2.1
wso2/api_manager 4.0.0
wso2/api_manager 4.1.0
wso2/api_manager 4.2.0
wso2/api_manager 4.3.0
wso2/api_manager 4.4.0
wso2/api_manager 4.5.0
... and 12 more
Published: Oct 24, 2025
Tracked Since: Feb 18, 2026