CVE-2025-48925

Name of the Vulnerable Software and Affected Versions TeleMessage service through 2025-05-05

Description The issue concerns the TeleMessage service relying on client-side MD5 hashing for authentication credentials. This has been exploited in the wild. The service accepts the hash as the authentication credential, which is a security concern.

Recommendations For versions through 2025-05-05, consider disabling the MD5 hashing authentication mechanism until a more secure method is implemented. Restrict access to the TeleMessage service to minimize the risk of exploitation. Avoid using the MD5 hashed credentials in authentication processes until the issue is resolved.