Call Forwarding Configuration Vulnerability in MeetMe Products by Fermax
CVE-2025-2908

8.5HIGH

Key Information:

Vendor: Fermax
Status: Meetme
Vendor: CVE Published:; 28 March 2025

What is CVE-2025-2908?

The MeetMe products by Fermax contain a vulnerability in the call forwarding configuration module. This flaw permits unauthorized access to sensitive assets due to the exposure of credentials in configuration files for versions preceding 2024-09. An attacker could exploit this weakness to manipulate or extract critical information, potentially leading to further security breaches.

Affected Version(s)

MeetMe 0 < 2024-09

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multip...

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 28, 2025
Vulnerability Reserved
Mar 28, 2025

Credit

Fermax cybersecurity team

CVE-2025-2908 Data

JSON