Improper Certificate Validation in Checkmk Exchange Plugin Affects Freebox v6 Agent
CVE-2025-58125

6.9MEDIUM

Key Information:

Status
Vendor: CVE Published:; 28 August 2025

What is CVE-2025-58125?

The Checkmk Exchange plugin for the Freebox v6 agent is vulnerable to improper certificate validation, enabling attackers to execute man-in-the-middle (MitM) attacks. This vulnerability allows malicious actors to intercept and manipulate network traffic between the agent and the server, potentially leading to unauthorized access to sensitive data and compromised system integrity. Mitigation strategies are essential to safeguard against such threats, ensuring that proper certificate verification mechanisms are in place to protect data in transit.

References

https://exchange.checkmk.com/p/freebox-v6

product

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 28, 2025
Vulnerability Reserved
Aug 25, 2025

Credit

Felix Eberstaller (Limes Security)

Jakob Hartmann (Limes Security)