Vulnerability-Lookup

CVE-2025-48388 (GCVE-0-2025-48388)

Vulnerability from cvelistv5 – Published: 2025-05-29 09:16 – Updated: 2025-05-29 13:39

Title

FreeScout Has Insufficient Protection Against CRLF-injection

Summary

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, the application performs insufficient validation of user-supplied data, which is used as arguments to string formatting functions. As a result, an attacker can pass a string containing special symbols (\r, \n, \t)to the application. This issue has been patched in version 1.8.178.

Severity ?

7 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N

CWE

CWE-134 - Use of Externally-Controlled Format String
CWE-93 - Improper Neutralization of CRLF Sequences ('CRLF Injection')

Assigner

GitHub_M

References

URL

Tags

	https://github.com/freescout-help-desk/freescout/…	x_refsource_CONFIRM
	https://github.com/freescout-help-desk/freescout/…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	freescout-help-desk	freescout	Affected: < 1.8.178

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-48388",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-29T13:28:25.605154Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-29T13:39:08.939Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "freescout",
          "vendor": "freescout-help-desk",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.8.178"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, the application performs insufficient validation of user-supplied data, which is used as arguments to string formatting functions. As a result, an attacker can pass a string containing special symbols (\\r, \\n, \\t)to the application. This issue has been patched in version 1.8.178."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-134",
              "description": "CWE-134: Use of Externally-Controlled Format String",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-93",
              "description": "CWE-93: Improper Neutralization of CRLF Sequences (\u0027CRLF Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-29T09:16:25.163Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-c76f-wggm-grcq",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-c76f-wggm-grcq"
        },
        {
          "name": "https://github.com/freescout-help-desk/freescout/commit/eab97711027fff4bce90ccd2e189cbc184fa0370",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/freescout-help-desk/freescout/commit/eab97711027fff4bce90ccd2e189cbc184fa0370"
        }
      ],
      "source": {
        "advisory": "GHSA-c76f-wggm-grcq",
        "discovery": "UNKNOWN"
      },
      "title": "FreeScout Has Insufficient Protection Against CRLF-injection"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-48388",
    "datePublished": "2025-05-29T09:16:25.163Z",
    "dateReserved": "2025-05-19T15:46:00.398Z",
    "dateUpdated": "2025-05-29T13:39:08.939Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CNVD-2025-21031

Vulnerability from cnvd - Published: 2025-09-11

Title

Freescout字符串格式化漏洞

Description

FreeScout是一款基于PHP Laravel框架构建的开源帮助台系统，旨在为用户提供类似Zendesk或Help Scout的功能，但无需牺牲隐私或自由度。 Freescout存在字符串格式化漏洞，该漏洞源于对用户提供数据的验证不足，目前没有详细的漏洞细节提供。

Severity

高

Patch Name

Freescout字符串格式化漏洞的补丁

Patch Description

FreeScout是一款基于PHP Laravel框架构建的开源帮助台系统，旨在为用户提供类似Zendesk或Help Scout的功能，但无需牺牲隐私或自由度。 Freescout存在字符串格式化漏洞，该漏洞源于对用户提供数据的验证不足，目前没有详细的漏洞细节提供。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级程序修复该安全问题，详情见厂商官网： https://github.com/freescout-help-desk/freescout/releases

Reference

https://github.com/freescout-help-desk/freescout/commit/eab97711027fff4bce90ccd2e189cbc184fa0370

Impacted products

Name
Freescout Freescout <1.8.178

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2025-48388",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-48388"
    }
  },
  "description": "FreeScout\u662f\u4e00\u6b3e\u57fa\u4e8ePHP Laravel\u6846\u67b6\u6784\u5efa\u7684\u5f00\u6e90\u5e2e\u52a9\u53f0\u7cfb\u7edf\uff0c\u65e8\u5728\u4e3a\u7528\u6237\u63d0\u4f9b\u7c7b\u4f3cZendesk\u6216Help Scout\u7684\u529f\u80fd\uff0c\u4f46\u65e0\u9700\u727a\u7272\u9690\u79c1\u6216\u81ea\u7531\u5ea6\u3002\n\nFreescout\u5b58\u5728\u5b57\u7b26\u4e32\u683c\u5f0f\u5316\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u7528\u6237\u63d0\u4f9b\u6570\u636e\u7684\u9a8c\u8bc1\u4e0d\u8db3\uff0c\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u7a0b\u5e8f\u4fee\u590d\u8be5\u5b89\u5168\u95ee\u9898\uff0c\u8be6\u60c5\u89c1\u5382\u5546\u5b98\u7f51\uff1a\r\nhttps://github.com/freescout-help-desk/freescout/releases",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2025-21031",
  "openTime": "2025-09-11",
  "patchDescription": "FreeScout\u662f\u4e00\u6b3e\u57fa\u4e8ePHP Laravel\u6846\u67b6\u6784\u5efa\u7684\u5f00\u6e90\u5e2e\u52a9\u53f0\u7cfb\u7edf\uff0c\u65e8\u5728\u4e3a\u7528\u6237\u63d0\u4f9b\u7c7b\u4f3cZendesk\u6216Help Scout\u7684\u529f\u80fd\uff0c\u4f46\u65e0\u9700\u727a\u7272\u9690\u79c1\u6216\u81ea\u7531\u5ea6\u3002\r\n\r\nFreescout\u5b58\u5728\u5b57\u7b26\u4e32\u683c\u5f0f\u5316\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u5bf9\u7528\u6237\u63d0\u4f9b\u6570\u636e\u7684\u9a8c\u8bc1\u4e0d\u8db3\uff0c\u76ee\u524d\u6ca1\u6709\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Freescout\u5b57\u7b26\u4e32\u683c\u5f0f\u5316\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Freescout Freescout \u003c1.8.178"
  },
  "referenceLink": "https://github.com/freescout-help-desk/freescout/commit/eab97711027fff4bce90ccd2e189cbc184fa0370",
  "serverity": "\u9ad8",
  "submitTime": "2025-06-11",
  "title": "Freescout\u5b57\u7b26\u4e32\u683c\u5f0f\u5316\u6f0f\u6d1e"
}

FKIE_CVE-2025-48388

Vulnerability from fkie_nvd - Published: 2025-05-29 10:15 - Updated: 2025-07-11 15:22

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N

Summary

References

	URL	Tags
	security-advisories@github.com	https://github.com/freescout-help-desk/freescout/commit/eab97711027fff4bce90ccd2e189cbc184fa0370	Patch
	security-advisories@github.com	https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-c76f-wggm-grcq	Vendor Advisory

Impacted products

	Vendor	Product	Version
	freescout	freescout	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:freescout:freescout:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8E0D2641-4473-4694-A5CA-F58375E5B731",
              "versionEndExcluding": "1.8.178",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.178, the application performs insufficient validation of user-supplied data, which is used as arguments to string formatting functions. As a result, an attacker can pass a string containing special symbols (\\r, \\n, \\t)to the application. This issue has been patched in version 1.8.178."
    },
    {
      "lang": "es",
      "value": "FreeScout es un servicio de asistencia gratuito y autoalojado, con buz\u00f3n compartido. Antes de la versi\u00f3n 1.8.178, la aplicaci\u00f3n realizaba una validaci\u00f3n insuficiente de los datos proporcionados por el usuario, que se utilizaban como argumentos para las funciones de formato de cadena. Como resultado, un atacante pod\u00eda pasar una cadena con s\u00edmbolos especiales (\\r, \\n, \\t) a la aplicaci\u00f3n. Este problema se ha corregido en la versi\u00f3n 1.8.178."
    }
  ],
  "id": "CVE-2025-48388",
  "lastModified": "2025-07-11T15:22:53.133",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 1.2,
        "impactScore": 5.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 7.0,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "HIGH",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "LOW",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "LOW",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security-advisories@github.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-05-29T10:15:20.060",
  "references": [
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Patch"
      ],
      "url": "https://github.com/freescout-help-desk/freescout/commit/eab97711027fff4bce90ccd2e189cbc184fa0370"
    },
    {
      "source": "security-advisories@github.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://github.com/freescout-help-desk/freescout/security/advisories/GHSA-c76f-wggm-grcq"
    }
  ],
  "sourceIdentifier": "security-advisories@github.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-93"
        },
        {
          "lang": "en",
          "value": "CWE-134"
        }
      ],
      "source": "security-advisories@github.com",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-48388 (GCVE-0-2025-48388)

CNVD-2025-21031

FKIE_CVE-2025-48388

Tags

Sightings

Nomenclature