Metrics
Affected Vendors & Products
Wed, 03 Sep 2025 19:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Freescout Helpdesk
Freescout Helpdesk freescout |
|
Vendors & Products |
Freescout Helpdesk
Freescout Helpdesk freescout |
Wed, 03 Sep 2025 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 03 Sep 2025 03:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 03 Sep 2025 03:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 03 Sep 2025 02:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.185 and below, the application performs deserialization of data that can allow authenticated attackers with knowledge of the application's APP_KEY to achieve remote code execution. The vulnerability can be exploited via endpoint: `/help/{mailbox_id}/auth/{customer_id}/{hash}/{timestamp}` where the `customer_id` and `timestamp` parameters are processed through the decrypt function in `app/Helper.php` without proper validation. The vulnerable code performs decryption using Laravel's built-in encryption functions, which subsequently deserializes the decrypted payload without sanitization. This is fixed in version 1.8.186. | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Versions 1.8.185 and earlier contain a deserialization of untrusted data vulnerability that allows authenticated attackers with knowledge of the application's APP_KEY to achieve remote code execution. The vulnerability is exploited via endpoint, e.g.: `/help/{mailbox_id}/auth/{customer_id}/{hash}/{timestamp}` where the `customer_id` and `timestamp` parameters are processed through the decrypt function in `app/Helper.php` without proper validation. The code decrypts using Laravel's built-in encryption functions, which subsequently deserialize the decrypted payload without sanitization, allowing attackers to craft malicious serialized PHP objects using classes to trigger arbitrary command execution. This is fixed in version 1.8.186. |
References |
Wed, 03 Sep 2025 01:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. In versions 1.8.185 and below, the application performs deserialization of data that can allow authenticated attackers with knowledge of the application's APP_KEY to achieve remote code execution. The vulnerability can be exploited via endpoint: `/help/{mailbox_id}/auth/{customer_id}/{hash}/{timestamp}` where the `customer_id` and `timestamp` parameters are processed through the decrypt function in `app/Helper.php` without proper validation. The vulnerable code performs decryption using Laravel's built-in encryption functions, which subsequently deserializes the decrypted payload without sanitization. This is fixed in version 1.8.186. | |
Title | FreeScout's deserialization of untrusted data can lead to Remote Code Execution | |
Weaknesses | CWE-502 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-09-03T15:44:39.509Z
Reserved: 2025-08-27T13:34:56.186Z
Link: CVE-2025-58163

Updated: 2025-09-03T13:47:23.188Z

Status : Received
Published: 2025-09-03T02:15:37.193
Modified: 2025-09-03T03:15:38.257
Link: CVE-2025-58163

No data.

Updated: 2025-09-03T19:30:21Z