CVE-2025-6089

4.3 MEDIUM

📋 TL;DR

This vulnerability in Astun Technology iShare Maps allows attackers to redirect users to malicious websites by manipulating the 'ref' parameter in atCheckJS.aspx. It affects iShare Maps version 5.4.0 and can be exploited remotely without authentication. Organizations using this specific version are at risk of phishing attacks.

💻 Affected Systems

Products:
  • Astun Technology iShare Maps
Versions: 5.4.0
Operating Systems: Any OS running iShare Maps
Default Config Vulnerable: ⚠️ Yes
Notes: Only the atCheckJS.aspx endpoint is affected, through manipulation of its ref parameter.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Users could be redirected to phishing sites that steal credentials or deliver malware, potentially leading to account compromise or system infection.

🟠 Likely Case

Attackers use the redirect for phishing campaigns to steal user credentials or distribute malware.

🟢 If Mitigated

With proper web application firewalls and user education, impact is limited to failed phishing attempts.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

An exploit has been publicly disclosed, and open redirect vulnerabilities are commonly weaponized for phishing.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: None provided

Restart Required: No

Instructions:

No official patch available. Contact Astun Technology for updates or consider upgrading to a newer version if available.

🔧 Temporary Workarounds

Input Validation for ref Parameter

all

Implement server-side validation to ensure the ref parameter only contains allowed URLs or domains.

Modify atCheckJS.aspx to validate the ref parameter against a whitelist of trusted redirect targets.
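The workaround above calls for a whitelist check on ref but does not show what a correct one has to handle. The following is an added example, not Astun Technology code and not the page's own; the hostnames and the default fallback target are constructed placeholders. It accepts only same-site relative paths and http(s) URLs whose host is explicitly allowlisted, and treats the forms a naive "starts with /" or "contains http" check gets wrong (protocol-relative `//host`, backslash variants browsers normalise to `//`, lookalike hosts, userinfo before `@`, non-http schemes) as rejected.

```python
"""Allowlist check for a redirect target such as the ref parameter.

Added example (not Astun Technology code): the advisory describes
validating ref against a whitelist but shows no implementation.
Hostnames and the fallback target below are constructed placeholders.
"""
from __future__ import annotations

from urllib.parse import urlsplit

# Constructed: the host the application is served from, plus any other
# hosts users may legitimately be sent to.
ALLOWED_HOSTS = {"maps.example.org", "www.example.org"}
# Constructed: where to send the user when the requested target is rejected.
DEFAULT_TARGET = "/"


def is_allowed_redirect(ref: str, allowed_hosts: set[str]) -> bool:
    """Return True only if ref is a same-site relative path or an http(s)
    URL whose host is explicitly allowlisted.

    Rejects protocol-relative URLs ("//host/..."), backslash variants that
    browsers normalise to "//", non-http schemes, userinfo tricks such as
    "https://maps.example.org@other.host/", and hosts not in the allowlist,
    including lookalikes such as "maps.example.org.other.host".
    """
    if not ref or len(ref) > 2048:
        return False
    # Whitespace and control characters never belong in a legitimate target.
    if any(ch.isspace() or ord(ch) < 0x20 for ch in ref):
        return False
    # Browsers treat "\" like "/" at the start of a URL, so "/\host" and
    # "\\host" become protocol-relative redirects off-site.
    normalised = ref.replace("\\", "/")
    if normalised.startswith("//"):
        return False
    parts = urlsplit(normalised)
    if parts.scheme == "" and parts.netloc == "":
        # Purely relative: require a leading "/" so it resolves on this site.
        return normalised.startswith("/")
    if parts.scheme not in ("http", "https"):
        return False
    if "@" in parts.netloc:
        # Userinfo component: the real host is whatever follows the "@".
        return False
    host = (parts.hostname or "").lower().rstrip(".")
    return host in allowed_hosts


def safe_redirect_target(ref: str, allowed_hosts: set[str] = ALLOWED_HOSTS) -> str:
    """Return ref if it passes the allowlist, otherwise the safe default."""
    return ref if is_allowed_redirect(ref, allowed_hosts) else DEFAULT_TARGET


if __name__ == "__main__":
    for candidate in ("/MyMaps/Home", "https://maps.example.org/view",
                      "//other.host/", "https://maps.example.org.other.host/"):
        print(f"{candidate!r:50} -> {safe_redirect_target(candidate)}")
```

The check is written as a pure function so it can be unit-tested independently of the page handler; the handler should call `safe_redirect_target` and redirect to its return value rather than to ref directly. Exact host matching against a short allowlist is deliberate: substring or prefix matching on the host is the usual way such checks are defeated.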

Web Application Firewall Rule

all

Add WAF rule to block requests with suspicious ref parameter values.

Add rule: Block requests where the ref parameter contains external domains or suspicious patterns

🧯 If You Can't Patch

  • Implement strict input validation on the ref parameter to only allow known, trusted URLs
  • Deploy a web application firewall with rules to detect and block open redirect attempts

🔍 How to Verify

Check if Vulnerable:

Test by requesting atCheckJS.aspx with a ref parameter value pointing to an external domain and checking whether the response redirects to it.

Check Version:

Check iShare Maps version in application interface or configuration files

Verify Fix Applied:

Test that the ref parameter validation prevents redirects to unauthorized domains.

📡 Detection & Monitoring

Log Indicators:

  • Unusual redirect patterns in web server logs
  • Requests to atCheckJS.aspx with external URLs in ref parameter

Network Indicators:

  • HTTP 302 redirects to unexpected domains from atCheckJS.aspx

SIEM Query:

web.url:*atCheckJS.aspx* AND web.query:ref=*http*
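The SIEM query above only matches a ref value containing `http`, so it misses protocol-relative (`//host`) and backslash (`/\host`) forms that still leave the site. The following added example, not part of the advisory or the vendor's product, scans IIS-style W3C extended log lines (the format an ASP.NET site such as atCheckJS.aspx would typically produce) and reports every atCheckJS.aspx request whose decoded ref resolves to a host other than the site's own. The log excerpt, site hostname and client addresses are constructed.

```python
"""Flag atCheckJS.aspx requests whose ref parameter points off-site.

Added example (not Astun Technology code): parses IIS-style W3C extended
log lines and reports refs that resolve to a host other than the site's
own, including protocol-relative and backslash forms that a plain
"ref=*http*" search misses. Log lines and hostnames are constructed.
"""
from __future__ import annotations

from urllib.parse import parse_qs, urlsplit

# Constructed: the host the iShare Maps instance is served from.
SITE_HOST = "maps.example.org"

# Constructed W3C extended log excerpt; IIS writes "-" for an empty query
# and leaves the query string percent-encoded as received.
SAMPLE_LOG = """\
#Fields: date time cs-method cs-uri-stem cs-uri-query c-ip sc-status
2025-06-01 10:00:01 GET /atCheckJS.aspx ref=/MyMaps/Home 203.0.113.10 302
2025-06-01 10:00:05 GET /atCheckJS.aspx ref=https%3A%2F%2Fmaps.example.org%2FMyMaps 203.0.113.11 302
2025-06-01 10:00:09 GET /atCheckJS.aspx ref=https%3A%2F%2Flogin.other.host%2F 198.51.100.7 302
2025-06-01 10:00:12 GET /atCheckJS.aspx ref=%2F%2Fother.host%2F 198.51.100.7 302
2025-06-01 10:00:15 GET /atCheckJS.aspx ref=%2F%5Cother.host%2F 198.51.100.8 302
2025-06-01 10:00:20 GET /index.aspx - 203.0.113.12 200
"""


def parse_w3c(text: str) -> list[dict[str, str]]:
    """Turn W3C extended log text into one dict per record, keyed by the
    names in the most recent #Fields directive. Malformed rows are skipped."""
    fields: list[str] = []
    rows: list[dict[str, str]] = []
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
            continue
        if not line or line.startswith("#"):
            continue
        values = line.split()
        if len(values) != len(fields):
            continue  # field count mismatch: do not guess at alignment
        rows.append(dict(zip(fields, values)))
    return rows


def ref_target_host(ref: str) -> str | None:
    """Host a browser would be sent to by ref, or None for a same-site
    relative path. Backslashes are normalised to slashes first because
    browsers do the same, which turns "/\\host" into "//host"."""
    parts = urlsplit(ref.replace("\\", "/"))
    if parts.netloc:
        return (parts.hostname or "").lower()
    return None


def find_offsite_redirects(log_text: str, site_host: str = SITE_HOST) -> list[dict[str, str]]:
    """Return one finding per atCheckJS.aspx request whose ref leaves site_host."""
    hits: list[dict[str, str]] = []
    for row in parse_w3c(log_text):
        if not row.get("cs-uri-stem", "").lower().endswith("/atcheckjs.aspx"):
            continue
        query = row.get("cs-uri-query", "-")
        if query == "-":
            continue
        # parse_qs percent-decodes values, so encoded "//" and "/\\" are seen.
        for ref in parse_qs(query, keep_blank_values=True).get("ref", []):
            host = ref_target_host(ref)
            if host is not None and host != site_host.lower():
                hits.append({
                    "time": f"{row['date']} {row['time']}",
                    "client": row["c-ip"],
                    "ref": ref,
                    "target_host": host,
                })
    return hits


if __name__ == "__main__":
    for hit in find_offsite_redirects(SAMPLE_LOG):
        print(f"{hit['time']}  {hit['client']:15}  -> {hit['target_host']}  ({hit['ref']})")
```

Run against real logs, the same function works on any W3C file with a `#Fields` line naming `cs-uri-stem`, `cs-uri-query`, `c-ip`, `date` and `time`; a legitimate same-host ref such as the second sample line is not reported, while the three off-site forms are, including the two the page's SIEM query would miss.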
