GeoServer - Missing Authorization on REST API Index

CVE-2025-27505

Verified

Description

GeoServer contains a missing authorization vulnerability that allows unauthorized access to the REST API Index page, potentially exposing sensitive configuration information.

Severity

Medium

CVSS Score

5.3

Exploit Probability

Affected Product

geoserver

Published Date

July 10, 2025

Template Author

securitytaters

CVE-2025-27505.yaml

id: CVE-2025-27505

info:
  name: GeoServer - Missing Authorization on REST API Index
  author: securitytaters
  severity: medium
  description: |
    GeoServer contains a missing authorization vulnerability that allows unauthorized access to the REST API Index page, potentially exposing sensitive configuration information.
  impact: |
    Unauthenticated users can access the GeoServer REST API Index page, potentially exposing sensitive configuration information and available API endpoints.
  remediation: |
    Upgrade to the latest GeoServer version that implements proper authorization checks for the REST API Index page.
  reference:
    - http://geoserver.org/
    - https://geoserver.org/vulnerability/2025/06/10/cve-disclosure.html
    - https://nvd.nist.gov/vuln/detail/CVE-2025-27505
  classification:
    epss-score: 0.00316
    epss-percentile: 0.54195
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2025-27505
    cwe-id: CWE-862
    cpe: cpe:2.3:a:geoserver:geoserver:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    fofa-query: app="geoserver"
    shodan-query: http.title:"geoserver"
    vendor: osgeo
    product: geoserver
  tags: cve,cve2025,geoserver,misconfig,osgeo,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/rest.html"
      - "{{BaseURL}}/geoserver/rest.html"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Geoserver Configuration API"

      - type: word
        part: body
        words:
          - "about/status"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022001b8ad9f99364178617b60827e80200a55f94847a1de24c73763dc0c438f1b6f02210086e2794952adb755e9be6b3c619447cfb5be06c335f1e526e4fbbbbd641de7b2:922c64590222798bb761d5b6d8e72950

5.3Score

CVSS Metrics

CVSS Vector:

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CVE ID:

cve-2025-27505

CWE ID:

cwe-862

References

http://geoserver.org/https://geoserver.org/vulnerability/2025/06/10/cve-disclosure.html https://nvd.nist.gov/vuln/detail/CVE-2025-27505

Remediation Steps

Upgrade to the latest GeoServer version that implements proper authorization checks for the REST API Index page.

id: CVE-2025-27505

info:
  name: GeoServer - Missing Authorization on REST API Index
  author: securitytaters
  severity: medium
  description: |
    GeoServer contains a missing authorization vulnerability that allows unauthorized access to the REST API Index page, potentially exposing sensitive configuration information.
  impact: |
    Unauthenticated users can access the GeoServer REST API Index page, potentially exposing sensitive configuration information and available API endpoints.
  remediation: |
    Upgrade to the latest GeoServer version that implements proper authorization checks for the REST API Index page.
  reference:
    - http://geoserver.org/
    - https://geoserver.org/vulnerability/2025/06/10/cve-disclosure.html
    - https://nvd.nist.gov/vuln/detail/CVE-2025-27505
  classification:
    epss-score: 0.00316
    epss-percentile: 0.54195
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
    cvss-score: 5.3
    cve-id: CVE-2025-27505
    cwe-id: CWE-862
    cpe: cpe:2.3:a:geoserver:geoserver:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 2
    fofa-query: app="geoserver"
    shodan-query: http.title:"geoserver"
    vendor: osgeo
    product: geoserver
  tags: cve,cve2025,geoserver,misconfig,osgeo,vkev,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/rest.html"
      - "{{BaseURL}}/geoserver/rest.html"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "Geoserver Configuration API"

      - type: word
        part: body
        words:
          - "about/status"

      - type: status
        status:
          - 200
# digest: 4a0a00473045022001b8ad9f99364178617b60827e80200a55f94847a1de24c73763dc0c438f1b6f02210086e2794952adb755e9be6b3c619447cfb5be06c335f1e526e4fbbbbd641de7b2:922c64590222798bb761d5b6d8e72950

GeoServer - Missing Authorization on REST API Index

Description

Severity

CVSS Score

Exploit Probability

Affected Product

Published Date

Template Author

Nuclei Template

CVSS Metrics

References

Remediation Steps

GeoServer - Missing Authorization on REST API Index

Description

Severity

CVSS Score

Exploit Probability

Affected Product

Published Date

Template Author

Nuclei Template

CVSS Metrics

References

Remediation Steps