{"id":76143,"date":"2025-09-25T17:18:22","date_gmt":"2025-09-25T17:18:22","guid":{"rendered":""},"modified":"2025-11-04T00:18:47","modified_gmt":"2025-11-04T06:18:47","slug":"cve-2025-57644-critical-vulnerabilities-within-accela-automation-platform-s-test-script-feature","status":"publish","type":"post","link":"https:\/\/www.ameeba.com\/blog\/cve-2025-57644-critical-vulnerabilities-within-accela-automation-platform-s-test-script-feature\/","title":{"rendered":"CVE-2025-57644: Critical Vulnerabilities Within Accela Automation Platform’s Test Script Feature<\/strong>"},"content":{"rendered":"

Overview<\/strong><\/p>\n

CVE-2025-57644 is a critical vulnerability that has been identified within the Accela Automation Platform version 22.2.3.0.230103. This vulnerability is of significant concern as it can be exploited by an authenticated administrative user, allowing them to execute arbitrary Java code on the server, leading to remote code execution. The severity of this vulnerability<\/a> is further compounded by additional issues with improper input validation that can lead to arbitrary file write and server-side request forgery (SSRF) attacks. These vulnerabilities not only pose a risk to the security of the server but can also lead to unauthorized access<\/a> to sensitive data and further exploitation of the network.<\/p>\n

Vulnerability Summary<\/strong><\/p>\n

CVE ID: CVE-2025-57644
\nSeverity: Critical (CVSS score 9.1)
\nAttack Vector: Network
\nPrivileges Required: High (Admin Privileges)
\nUser Interaction: None
\nImpact: Full server compromise, unauthorized access to sensitive data<\/a>, potential for further network exploitation.<\/p>\n

Affected Products<\/strong><\/p>

\r\n

\r\n \r\n \"Ameeba\r\n <\/a>\r\n A new way to communicate\r\n <\/h2>\r\n\r\n

\r\n Ameeba Chat is built on encrypted identity, not personal profiles.\r\n <\/p>\r\n\r\n

\r\n Message, call, share files, and coordinate with identities kept separate.\r\n <\/p>\r\n\r\n