CVE-2025-52875
Published 2025-06-23
CVE-2025-52875: In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performance Monitor page was possible
Priority P4 · 25 · medium · 5.4 (CVSS 3.1)
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS 0.72% · 49.5th percentile
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jetbrains | teamcity | < 2025.03.3 | 2025.03.3 |
Suricata
ET WEB_SPECIFIC_APPS Kerio Control HTTP Response Splitting (CVE-2024-52875)
suricata·2025-01-08·CVSS 8.8
CVE-2024-52875 [HIGH] ET WEB_SPECIFIC_APPS Kerio Control HTTP Response Splitting (CVE-2024-52875)
Rule: alert http $HOME_NET 4081 -> $EXTERNAL_NET any (msg:"ET WEB_SPECIFIC_APPS Kerio Control HTTP Response Splitting (CVE-2024-52875)"; flow:established,to_client; http.stat_code; content:"302"; http.header_names; to_lowercase; content:"location|0d 0a 0d 0a|"; http.response_body; content:"Server|3a 20|Kerio Control"; fast_pattern; reference:url,karmainsecurity.com/hacking-kerio-control-via-cve-2024-52875; reference:cve,2024-52875; classtype:web-application-activity; sid:2059030; rev:1; metadata:attack_target Server, tls_state TLSDecrypt, created_at 2025_01_08, cve CVE_2024_52875, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Major, tag Exploit, updated_at 20
Suricata
ET WEB_SPECIFIC_APPS Kerio Control CRLF Injection via dest Parameter (CVE-2024-52875)
suricata·2025-01-08·CVSS 8.8
CVE-2024-52875 [HIGH] ET WEB_SPECIFIC_APPS Kerio Control CRLF Injection via dest Parameter (CVE-2024-52875)
Rule: alert http $EXTERNAL_NET any -> $HOME_NET 4081 (msg:"ET WEB_SPECIFIC_APPS Kerio Control CRLF Injection via dest Parameter (CVE-2024-52875)"; flow:established,to_server; http.uri; content:"/nonauth/"; startswith; fast_pattern; content:".cs?"; distance:0; content:"dest|3d|"; distance:0; pcre:"/^[\S]*?(?:(?:Cg|DQ)|[NK][CD]|[o0][NK])/R"; reference:url,karmainsecurity.com/hacking-kerio-control-via-cve-2024-52875; reference:cve,2024-52875; classtype:web-application-activity; sid:2059029; rev:1; metadata:attack_target Server, tls_state TLSDecrypt, created_at 2025_01_08, cve CVE_2024_52875, deployment Perimeter, deployment Internal, deployment SSLDecrypt, confidence High, signature_severity Major, tag Expl
No public exploits indexed.
No writeups or analysis indexed.