CVE Daily

CVE-2025-24022

iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3...

High CVSS 8.5

Overview

iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1.

CWE: CWE-78 Published: 2025-05-14T15:15:56.293
Risk analysis

This vulnerability is rated 🟠 HIGH.

  • CVSS: 8.5 (HIGH)
  • Detected tags: rce (tag impact: VERY HIGH)

Recommended actions:

  • Patch/upgrade immediately (remote code execution).
  • Reduce exposure (WAF/segmentation), minimize attack surface.

Recommended tools

Tags