-/10CrowdSec Score

ScriptCase - Authentication Bypass (CVE-2025-47227)

Published on05-07-2025

First seen on01-01-1970

Public ExploitCVSS 7.5/10ScriptCase - ScriptCase

0Exploiting IPs reported

In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), the Administrator password reset mechanism is mishandled. Making both a GET and a POST request to login.php.is sufficient. An unauthenticated attacker can then bypass authentication via administrator account takeover.

Exploitation

Get real-time information about exploitation attempts and actors involved.

Detected IPs

Discover the IPs that targeted this vulnerability across the CrowdSec Network.

・

Protection

Find out relevant information to protect your stack against this CVE.

Blocklist

With our advanced worldwide network detection, CrowdSec can provide a list of IPs known for exploiting the vulnerability.

To increase your protection against this CVE, block exploitation attempts with this list of identified actors.

ScriptCase - Authentication Bypass (CVE-2025-47227)

Exploitation

Detected IPs

Protection

Blocklist

References