CVE-2025-24785

4.3 MEDIUM

📋 TL;DR

This vulnerability in iTop 3.2.0 allows attackers to send specially crafted URLs that trigger PHP errors, causing the dashboard to crash for subsequent users. It affects all iTop 3.2.0 installations with default configurations. The issue is a denial-of-service vulnerability that disrupts user access to the dashboard.

💻 Affected Systems

Products:
  • iTop
Versions: Version 3.2.0 only
Operating Systems: All platforms running PHP
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all iTop 3.2.0 installations regardless of configuration

⚠️ Risk & Real-World Impact

🔴 Worst Case: Persistent denial-of-service affecting all dashboard users until manual intervention or server restart

🟠 Likely Case: Temporary dashboard unavailability for users who encounter the crashed page

🟢 If Mitigated: No impact if patched or proper input validation is implemented

🌐 Internet-Facing: MEDIUM - Attackers can trigger the vulnerability remotely via crafted URLs
🏢 Internal Only: MEDIUM - Internal attackers or compromised accounts could disrupt service

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending crafted URLs but no authentication needed

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 3.2.1

Vendor Advisory: https://github.com/Combodo/iTop/security/advisories/GHSA-49rq-cgv9-7hv4

Restart Required: No

Instructions:

1. Backup your iTop installation and database.
2. Download iTop 3.2.1 from official sources.
3. Replace the existing installation with the patched version.
4. Verify the dashboard functionality.

🔧 Temporary Workarounds

Input validation at web server level

Applies to: all

Implement URL filtering or input validation at the web server or WAF level to block malicious dashboard URLs

🧯 If You Can't Patch

  • Implement web application firewall rules to block suspicious dashboard URL patterns
  • Monitor dashboard access logs for unusual URL patterns and implement rate limiting

🔍 How to Verify

Check if Vulnerable:

Check iTop version in the application interface or by examining the installation files

Check Version:

Check the iTop web interface or examine the 'itop-version.php' file in the installation directory

Verify Fix Applied:

Verify version is 3.2.1 or higher and test dashboard functionality with various URL parameters

📡 Detection & Monitoring

Log Indicators:

  • PHP error logs showing dashboard-related exceptions
  • Unusual URL patterns in access logs containing dashboard parameters

Network Indicators:

  • HTTP requests with crafted dashboard URLs containing unusual layout_class parameters

SIEM Query:

source="iTop_logs" AND ((dashboard AND error) OR (layout_class AND invalid))
