- Description
- umatiGateway is software for connecting OPC Unified Architecture servers with an MQTT broker utilizing JSON messages. The user interface may possibly be publicly accessible with umatiGateway's provided docker-compose file. With this access, the configuration can be viewed and altered. Commit 5d81a3412bc0051754a3095d89a06d6d743f2b16 uses `127.0.0.1:8080:8080` to limit access to the local network. For those who are unable to use this proposed patch, a firewall on Port 8080 may block remote access, but the workaround may not be perfect because Docker may also bypass a firewall by its iptable based rules for port forwarding.
- Source
- security-advisories@github.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 8.2
- Impact score
- 4.2
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
- Severity
- HIGH
- security-advisories@github.com
- CWE-200
- Hype score
- Not currently trending
🚨 CVE-2025-27615 🔴 HIGH (8.2) 🏢 umati - umatiGateway 🏗️ < 5d81a3412bc0051754a3095d89a06d6d743f2b16 🔗 https://t.co/ENNp10zXV4 🔗 https://t.co/BuSXE0GA76 🔗 https://t.co/MEiORRp0Ym 🔗 https://t.co/2WZa4n4fjS #CyberCron #VulnAlert #InfoSec https://t.co/B1j5pbiSnN
@cybercronai
12 Mar 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-27615 umatiGateway is software for connecting OPC Unified Architecture servers with an MQTT broker utilizing JSON messages. The user interface may possibly be publicly acce… https://t.co/LTRQQSGD52
@CVEnew
10 Mar 2025
324 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes