{"id":49004,"date":"2025-06-05T04:21:58","date_gmt":"2025-06-05T04:21:58","guid":{"rendered":""},"modified":"2025-07-07T05:25:43","modified_gmt":"2025-07-07T11:25:43","slug":"cve-2025-48481-critical-vulnerability-in-freescout-prior-to-version-1-8-180","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-48481-critical-vulnerability-in-freescout-prior-to-version-1-8-180\/","title":{"rendered":"<strong>CVE-2025-48481: Critical Vulnerability in FreeScout Prior to Version 1.8.180<\/strong>"},"content":{"rendered":"<p><strong>Overview<\/strong><\/p>\n<p>The cybersecurity world has been hit with a recent discovery of a significant vulnerability, CVE-2025-48481, in the FreeScout self-hosted help desk and shared mailbox system. This vulnerability, which allows an attacker to activate and access blocked or deleted accounts, poses a significant risk to all users of FreeScout versions prior to 1.8.180. This <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-31916-unrestricted-file-upload-vulnerability-in-jp-students-result-management-system-premium\/\"  data-wpil-monitor-id=\"54896\">vulnerability stands out due to its potential for system<\/a> compromise and data leakage, granting malicious actors unauthorized access to sensitive information.<\/p>\n<p><strong>Vulnerability Summary<\/strong><\/p>\n<p>CVE ID: CVE-2025-48481<br \/>\nSeverity: Critical (CVSS Score: 9.8)<br \/>\nAttack Vector: Network<br \/>\nPrivileges Required: None<br \/>\nUser Interaction: Required<br \/>\nImpact: Potential <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2023-42977-path-handling-vulnerability-that-risks-data-leakage-and-system-compromise\/\"  data-wpil-monitor-id=\"56959\">system compromise or data leakage<\/a><\/p>\n<p><strong>Affected Products<\/strong><\/p>\n<p>Product | Affected Versions<\/p>\n<p><a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-48477-critical-vulnerability-in-freescout-prior-to-version-1-8-180\/\"  
data-wpil-monitor-id=\"57814\">FreeScout | Versions prior<\/a> to 1.8.180<\/p>\n<p><strong>How the Exploit Works<\/strong><\/p>\n<p>The vulnerability, CVE-2025-48481, resides in the account activation process of FreeScout <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-48865-manipulation-of-x-forwarded-headers-in-fabio-prior-to-version-1-6-6\/\"  data-wpil-monitor-id=\"58293\">prior to version<\/a> 1.8.180. Specifically, an attacker with an unactivated email invitation containing an invite_hash can exploit this process. The <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-5098-printershare-android-app-vulnerability-allows-unauthorized-gmail-account-access\/\"  data-wpil-monitor-id=\"55110\">vulnerability allows the attacker to self-activate their account<\/a>, even if it has been blocked or deleted. This is achieved by leveraging the invitation link from the email, which provides initial <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-52571-unauthenticated-access-to-telegram-account-and-server-via-hikka-userbot\/\"  data-wpil-monitor-id=\"64505\">access to the account<\/a>.<\/p>\n<p><strong>Conceptual Example Code<\/strong><\/p>\n<p>To <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-45997-exploiting-file-upload-vulnerability-in-web-based-pharmacy-product-management-system\/\"  data-wpil-monitor-id=\"56960\">exploit this vulnerability<\/a>, an attacker might use an HTTP request similar to the following:<\/p>\n<pre><code class=\"\" data-line=\"\">GET \/activate-account?invite_hash=malicious_hash HTTP\/1.1\nHost: vulnerable-freescout.example.com<\/code><\/pre>\n<p>In this request, `malicious_hash` would be the invite_hash from a blocked or deleted account&#8217;s invitation email. 
By sending this request, the attacker could self-activate their account and gain <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-39350-unauthorized-access-vulnerability-in-rocket-apps-wproject\/\"  data-wpil-monitor-id=\"55638\">unauthorized access<\/a> to the FreeScout system.<\/p>\n<p><strong>Recommendations for Mitigation<\/strong><\/p>\n<p>Users of FreeScout are urged to immediately update their software to version 1.8.180 or later, in which this issue has been patched. In case the patch cannot be immediately applied, temporary mitigation can be achieved by using a Web Application Firewall (WAF) or Intrusion Detection System (IDS) to detect and block <a href=\"https:\/\/www.ameeba.com\/blog\/cve-2025-1277-memory-corruption-vulnerability-in-autodesk-applications-through-malicious-pdf-files\/\"  data-wpil-monitor-id=\"57157\">malicious attempts to exploit this vulnerability<\/a>. However, these are merely stop-gap measures, and upgrading to a patched version of FreeScout remains the most effective solution to this critical <a href=\"https:\/\/www.ameeba.com\/blog\/enhancing-cybersecurity-integrating-human-risk-management-with-security-awareness-training\/\"  data-wpil-monitor-id=\"56961\">security risk<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Overview The cybersecurity world has been hit with a recent discovery of a significant vulnerability, CVE-2025-48481, in the FreeScout self-hosted help desk and shared mailbox system. This vulnerability, which allows an attacker to activate and access blocked or deleted accounts, poses a significant risk to all users of FreeScout versions prior to 1.8.180. 
This vulnerability [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"footnotes":""},"categories":[1],"tags":[],"vendor":[],"product":[],"attack_vector":[],"asset_type":[],"severity":[],"exploit_status":[],"class_list":["post-49004","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/49004","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/comments?post=49004"}],"version-history":[{"count":8,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/49004\/revisions"}],"predecessor-version":[{"id":58007,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/posts\/49004\/revisions\/58007"}],"wp:attachment":[{"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/media?parent=49004"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/categories?post=49004"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/tags?post=49004"},{"taxonomy":"vendor","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/vendor?post=49004"},{"taxonomy":"product","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/product?post=49004"},{"taxonomy":"attack_vector","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/attack_vector?post=49004"},{"taxonomy":"asset_type","embeddable":true,"href":"https:\/\
/www.ameeba.com\/blog\/wp-json\/wp\/v2\/asset_type?post=49004"},{"taxonomy":"severity","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/severity?post=49004"},{"taxonomy":"exploit_status","embeddable":true,"href":"https:\/\/www.ameeba.com\/blog\/wp-json\/wp\/v2\/exploit_status?post=49004"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}