CVE-2025-67274 – This vulnerability in continuous.software aangi... (How to Fix)

📋 TL;DR

This vulnerability in continuous.software aangine v.2025.2 allows remote attackers to access sensitive information through multiple service endpoints. The information exposure affects organizations using the aangine platform's excel-integration, integration-persistence, and portfolio-item services.

💻 Affected Systems

Products:

continuous.software aangine

Versions: v.2025.2

Operating Systems: All

Default Config Vulnerable: ⚠️ Yes

Notes: Affects multiple service modules: excel-integration-service, integration-persistence-service, portfolio-item-service

📦 What is this software?

Aangine by Continuous.software

View all CVEs affecting Aangine →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete exposure of sensitive business data, intellectual property, customer information, and internal system details leading to data breach, regulatory fines, and reputational damage.

🟠

Likely Case

Partial exposure of sensitive data including business metrics, integration configurations, and portfolio information that could be used for further attacks.

🟢

If Mitigated

Limited exposure of non-critical information with proper access controls and network segmentation in place.

🌐 Internet-Facing: HIGH

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Remote exploitation via HTTP endpoints suggests straightforward attack vectors

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: https://aangine.com

Restart Required: Yes

Instructions:

1. Monitor vendor website for security updates
2. Apply patch when available
3. Restart affected services after patching

🔧 Temporary Workarounds

Network Access Restriction

linux

Restrict network access to vulnerable endpoints using firewall rules

iptables -A INPUT -p tcp --dport [PORT] -s [TRUSTED_IP] -j ACCEPT
iptables -A INPUT -p tcp --dport [PORT] -j DROP

Endpoint Authentication

all

Implement authentication on affected endpoints if not already present

🧯 If You Can't Patch

Implement strict network segmentation to isolate aangine services
Deploy web application firewall (WAF) with information disclosure protection rules

🔍 How to Verify

Check if Vulnerable:

Test if unauthenticated access to /excel-integration-service/template-download, /integration-persistence-service/job-listing, /portfolio-item-service/data-retrieval endpoints returns sensitive data

Check Version:

Check aangine version in application configuration or admin interface

Verify Fix Applied:

Verify that sensitive information is no longer exposed through the affected endpoints

📡 Detection & Monitoring

Log Indicators:

Unusual access patterns to template download, job listing, or data retrieval endpoints
High volume of requests to sensitive endpoints from single IPs

Network Indicators:

HTTP requests to vulnerable endpoints without authentication headers
Unusual data egress patterns from aangine services

SIEM Query:

source="aangine" AND (uri="/excel-integration-service/template-download" OR uri="/integration-persistence-service/job-listing" OR uri="/portfolio-item-service/data-retrieval") AND NOT auth_token=*

📊 Metadata

CVE ID: CVE-2025-67274

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE: CWE-200

EPSS Score: 0.05% exploit probability (16.8th percentile)

Published: January 26, 2026

Last Updated: February 12, 2026

🔗 References

https://aangine.com Product
https://continuous.software/products Product
https://gist.github.com/c4m0uflag3/26fec868b764c4e7314ad246bab01c88 Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-67274, you might also want to check these: