TYPO3 12.0.0 < 12.4.31 / 13.0.0 < 13.4.12 (TYPO3-CORE-SA-2025-015)

High severity, Nessus Plugin ID 236964

Synopsis

The remote web server is affected by a vulnerability.

Description

The version of TYPO3 installed on the remote host is 12.0.0 prior to 12.4.31 / 13.0.0 prior to 13.4.12. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-015 advisory.

- The multifactor authentication (MFA) dialog presented during backend login can be bypassed due to insufficient enforcement of access restrictions on all backend routes. Successful exploitation requires valid backend user credentials, as MFA can only be bypassed after successful authentication. (CVE-2025-47941)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to TYPO3 12.4.31, 13.4.12 or later.

See Also

https://typo3.org/security/advisory/typo3-core-sa-2025-015

Plugin Details

Severity: High

ID: 236964

File Name: typo3_core-sa-2025-015.nasl

Version: 1.1

Type: remote

Family: CGI abuses

Published: 5/20/2025

Updated: 5/20/2025

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus

Enable CGI Scanning: true

Risk Information

VPR

Risk Factor: High

Score: 7.4

CVSS v2

Risk Factor: High

Base Score: 8.3

Temporal Score: 6.1

Vector: CVSS2#AV:N/AC:L/Au:M/C:C/I:C/A:C

CVSS Score Source: CVE-2025-47941

CVSS v3

Risk Factor: High

Base Score: 7.2

Temporal Score: 6.3

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:typo3:typo3

Required KB Items: www/PHP, installed_sw/TYPO3

Exploit Ease: No known exploits are available

Patch Publication Date: 5/20/2025

Vulnerability Publication Date: 5/20/2025

Reference Information

CVE: CVE-2025-47941