CVE-2025-57788

MEDIUM EXPLOITED NUCLEI

Commvault - Unauthenticated API Access

Title source: llm

Exploitation Summary

CVE-2025-57788 has been observed exploited in the wild (reported by VulnCheck KEV). A Nuclei detection template is also available.

Description

A vulnerability in a known login mechanism allows unauthenticated attackers to execute API calls without requiring user credentials. RBAC helps limit the exposure but does not eliminate risk.

Nuclei Templates (1)

Commvault Unauthenticated Password Disclosure (WT-2025-0047)

MEDIUMVERIFIEDby DhiyaneshDK,iamnoooob,pdresearch,watchtowr

Shodan: http.favicon.hash:-542502280

References (2)

Core 2

Core References

Vendor Advisory

https://documentation.commvault.com/securityadvisories/CV_2025_08_3.html

Exploit, Third Party Advisory

https://labs.watchtowr.com/guess-who-would-be-stupid-enough-to-rob-the-same-vault-twice-pre-auth-rce-chains-in-commvault/#wt-2025-0047hardcoded-credentials

Scores

CVSS v3 6.5

EPSS 0.8067

EPSS Percentile 99.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

VulnCheck KEV 2025-08-23

CWE

CWE-259

Status published

Products (1)

commvault/commvault < 11.36.60

Published Aug 20, 2025

Tracked Since Feb 18, 2026