Unauthorized Access in MeetMe Products by Fermax
CVE-2025-2911

5.3MEDIUM

Key Information:

Vendor: Fermax
Status: Meetme
Vendor: CVE Published:; 28 March 2025

What is CVE-2025-2911?

An unauthorized access vulnerability in Fermax's MeetMe products allows attackers to exploit the call forwarding service system. Versions prior to 2024-09 are susceptible to this issue, enabling an attacker to identify multiple users and conduct brute force attacks via extensions, potentially compromising user privacy and system integrity.

Affected Version(s)

MeetMe 0 < 2024-09

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multip...

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 28, 2025
Vulnerability Reserved
Mar 28, 2025

Credit

Fermax cybersecurity team

CVE-2025-2911 Data

JSON