Platform
php
Component
glpi
Fixed in
10.0.19
CVE-2025-53105 is a vulnerability in GLPI, the free asset and IT management software package. It allows an authenticated user without administrative privileges to change the order in which rules are executed. Because the rules engine decides how tickets, assets and users are processed, a reordered rule set can produce unauthorized actions and compromise the integrity of the IT assets GLPI manages. GLPI versions 10.0.0 through 10.0.18 are affected; the fix ships in version 10.0.19.
The primary impact of CVE-2025-53105 is unauthorized modification of GLPI's rule execution order. Rules are evaluated in ranking order and the first match often decides the outcome, so an attacker who can reorder them can bypass controls that depend on rule precedence, escalate privileges, or manipulate data in the asset management system. For example, reordering rules that govern user access or asset assignment could grant the attacker or another account elevated permissions. The blast radius covers any data or functionality driven by the GLPI rules engine, which in many deployments means the whole IT estate it manages. The flaw does not give remote code execution by itself, but manipulated rules can cause significant operational disruption and data exposure.
This vulnerability is not currently listed in the CISA KEV catalog. No public proof-of-concept exploit is known, which suggests a relatively low probability of immediate exploitation. However, the low bar for exploitation (any authenticated account) warrants prompt patching. The NVD entry was published on 2025-08-27, so public disclosure is recent.
Organizations that rely heavily on GLPI for IT asset management and service desk functionality are at significant risk. Deployments with a large number of non-administrative users are particularly exposed, because every such account is a potential attack vector. Multi-tenant instances where many users share a single GLPI installation face increased risk for the same reason.
• On the server (assumes GLPI is installed under /var/www/html/glpi): read the installed version from inc/define.php, which declares GLPI_VERSION, and compare it with 10.0.19:
grep -m1 "GLPI_VERSION" /var/www/html/glpi/inc/define.php
• Over HTTP: the fix is not visible in response headers, so a curl -I probe against the front end cannot distinguish a patched instance from a vulnerable one; determine the version from the server side or from the About page of an administrative session.
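A version-range check that goes a step further than the grep above, added here as an example rather than GLPI project code: it extracts GLPI_VERSION from inc/define.php, parses it, and decides whether the install falls in the affected window (10.0.0 through 10.0.18). The path, the sample define.php contents and the treatment of pre-release tags are assumptions; the script reads a real install when given its root directory, and otherwise runs against the constructed sample.

```python
"""Affected-range check for CVE-2025-53105 against a GLPI 10.x install.

Added example, not GLPI's own code. Assumes GLPI declares its version in
inc/define.php as   define('GLPI_VERSION', '10.0.18');   which holds for
the 10.x series. The SAMPLE_DEFINE_PHP contents below are constructed.
"""
import re
import sys
from pathlib import Path

# Affected range per the advisory: 10.0.0 <= version <= 10.0.18.
AFFECTED_MIN = (10, 0, 0)
FIXED_IN = (10, 0, 19)

# Matches only GLPI_VERSION, not GLPI_SCHEMA_VERSION or similar constants.
VERSION_RE = re.compile(
    r"""define\(\s*['"]GLPI_VERSION['"]\s*,\s*['"]([^'"]+)['"]\s*\)"""
)


def parse_version(text):
    """Return (major, minor, patch, prerelease) for a GLPI version string.

    '10.0.19' -> (10, 0, 19, None); '10.0.19-dev' -> (10, 0, 19, 'dev').
    """
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:-([0-9A-Za-z.]+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised GLPI version: {text!r}")
    major, minor, patch, pre = m.groups()
    return int(major), int(minor), int(patch), pre


def extract_version(define_php):
    """Pull the GLPI_VERSION literal out of the contents of inc/define.php."""
    m = VERSION_RE.search(define_php)
    if not m:
        raise ValueError("GLPI_VERSION not found in define.php contents")
    return m.group(1)


def is_affected(version):
    """True when the version lies in the advisory's affected window.

    A pre-release of the fixed version (e.g. '10.0.19-dev') is a snapshot
    cut before the release and is treated as affected (assumption): the fix
    is only guaranteed from the tagged 10.0.19 onward.
    """
    major, minor, patch, pre = parse_version(version)
    core = (major, minor, patch)
    if core < AFFECTED_MIN:
        return False  # 9.x: outside the range the advisory names
    if core < FIXED_IN:
        return True
    if core == FIXED_IN and pre is not None:
        return True
    return False


def check_install(glpi_root):
    """Read <glpi_root>/inc/define.php and return (version, affected)."""
    path = Path(glpi_root) / "inc" / "define.php"
    version = extract_version(path.read_text(encoding="utf-8"))
    return version, is_affected(version)


# Constructed sample of the relevant lines from a 10.0.18 inc/define.php.
SAMPLE_DEFINE_PHP = """<?php
define('GLPI_VERSION', '10.0.18');
define('GLPI_SCHEMA_VERSION', '10.0.18');
"""

if __name__ == "__main__":
    if len(sys.argv) > 1:
        version, affected = check_install(sys.argv[1])
    else:
        version = extract_version(SAMPLE_DEFINE_PHP)
        affected = is_affected(version)
    verdict = "AFFECTED, upgrade to 10.0.19 or later" if affected else "not affected"
    print(f"GLPI {version}: {verdict}")
```

Run it as `python check_glpi.py /var/www/html/glpi` on a host; without an argument it evaluates the constructed sample and reports 10.0.18 as affected.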
Exploit Status
EPSS
0.08% (23rd percentile)
CISA SSVC
CVSS Vector
The primary mitigation for CVE-2025-53105 is to upgrade GLPI to version 10.0.19 or later without delay. If an immediate upgrade is not feasible because of compatibility concerns or testing requirements, apply temporary compensating controls. No WAF rule can reliably block this vulnerability, since the request is a legitimate rule-ordering action issued by an authenticated user, so the useful interim measures are restricting which profiles can manage rules at all and auditing every change to rule order. Regularly review and validate all GLPI rules so they still enforce the intended policy. After upgrading, confirm the fix by logging in as a non-administrator user and verifying that the rule execution order can no longer be modified from the GLPI interface.
Upgrade GLPI to version 10.0.19 or later. This version contains the fix for the vulnerability that lets unauthorized users change the rule execution order. GLPI reports the availability of a new release in its administration panel; perform the upgrade by downloading the release from the official website and running the update procedure.
CVE-2025-53105 is a vulnerability in GLPI versions 10.0.0 through 10.0.18 that allows non-admin users to change the order of rule execution, potentially leading to unauthorized actions.
You are affected if you are running GLPI versions 10.0.0 through 10.0.18. Upgrade to version 10.0.19 or later to resolve the issue.
Upgrade GLPI to version 10.0.19 or later. If immediate upgrade is not possible, restrict user permissions and audit rule changes.
There are currently no confirmed reports of active exploitation, but the vulnerability's ease of exploitation warrants prompt patching.
Refer to the GLPI security advisory for detailed information and patching instructions: [https://glpi.org/security](https://glpi.org/security)