CVE-2025-1712
published 2025-05-21CVE-2025-1712: Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files
PriorityP358high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.66%
47.0th percentile
Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files
Affected
14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| checkmk | checkmk | < 2.2.0 | 2.2.0 |
| checkmk | checkmk | — | — |
| checkmk | checkmk | — | — |
| checkmk | checkmk | — | — |
| checkmk_gmbh | checkmk | — | — |
| checkmk_gmbh | checkmk | >= 2.2.0 < 2.2.0p42 | 2.2.0p42 |
| checkmk_gmbh | checkmk | >= 2.3.0 < 2.3.0p32 | 2.3.0p32 |
| checkmk_gmbh | checkmk | >= 2.4.0 < 2.4.0p1 | 2.4.0p1 |
| fedify | fedify | >= 0 < 1.3.20 | 1.3.20 |
| fedify | fedify | >= 1.4.0-dev.585 < 1.4.13 | 1.4.13 |
| fedify | fedify | >= 1.5.0-dev.636 < 1.5.5 | 1.5.5 |
| fedify | fedify | >= 1.6.0-dev.754 < 1.6.8 | 1.6.8 |
| fedify | fedify | >= 1.7.0-pr.251.885 < 1.7.9 | 1.7.9 |
| fedify | fedify | >= 1.8.0-dev.909 < 1.8.5 | 1.8.5 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv4.08.7HIGHCVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
osv8.7HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
@fedify/fedify has Improper Authentication and Incorrect Authorization
ghsa·2025-08-08
CVE-2025-54888 [HIGH] CWE-287 @fedify/fedify has Improper Authentication and Incorrect Authorization
@fedify/fedify has Improper Authentication and Incorrect Authorization
### Summary
An authentication bypass vulnerability allows any unauthenticated attacker to impersonate any ActivityPub actor by sending forged activities signed with their own keys. Activities are processed before verifying the signing key belongs to the claimed actor, enabling complete actor impersonation across all Fedify instances
### Details
The vulnerability exists in handleInboxInternal function in fedify/federation/handler.ts. The critical flaw is in the order of operations:
1. Line 1712: routeActivity() is called first, which processes the activity (either immediately or by adding to queue)
2. Line 1730: Authentication check (doesActorOwnKey) happens AFTER processing
```ts
// fedify/federation/handler.ts:1712
GHSA
GHSA-46rp-wqr5-v5mj: Argument injection in special agent configuration in Checkmk <2
ghsa_unreviewed·2025-05-21
CVE-2025-1712 [HIGH] CWE-88 GHSA-46rp-wqr5-v5mj: Argument injection in special agent configuration in Checkmk <2
Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files
OSV
CVE-2025-1712: Argument injection in special agent configuration in Checkmk <2
osv·2025-05-21·CVSS 8.7
CVE-2025-1712 [HIGH] CVE-2025-1712: Argument injection in special agent configuration in Checkmk <2
Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-05-21
Published