PT-2025-10627 · Unknown · Umatigateway

Ccvca · Published 2025-03-10 · Updated 2025-03-10 · CVE-2025-27615

CVSS v2.0: 8.5 (High)

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:C

Name of the Vulnerable Software and Affected Versions

umatiGateway (affected versions not specified)

Description

The user interface of umatiGateway may be publicly accessible, allowing its configuration to be viewed and altered. A commit uses the port mapping 127.0.0.1:8080:8080 to limit access to the local network. As a workaround, a firewall on port 8080 may block remote access, but it may not be perfect due to Docker's port forwarding rules.

Recommendations

For those who cannot apply the proposed patch, consider configuring a firewall to block remote access on port 8080 as a temporary mitigation measure. Restrict access to the user interface to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
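
An added example, not taken from the advisory or from the umatiGateway project: a Python check that parses Docker short-syntax port mappings and flags any that publish container port 8080 on a non-loopback address, in contrast to the 127.0.0.1:8080:8080 mapping mentioned in the description. The sample mappings are constructed and the function names are hypothetical.

```python
import ipaddress

def split_port_spec(spec):
    """Parse Docker short syntax [HOST_IP:][HOST_PORT:]CONTAINER_PORT[/PROTO]."""
    body, _, proto = spec.strip().partition("/")
    host_ip = ""
    if body.startswith("["):                      # bracketed IPv6 host address
        end = body.index("]")
        host_ip, body = body[1:end], body[end + 1:].lstrip(":")
    parts = body.split(":")
    if len(parts) == 3 and not host_ip:
        host_ip, host_port, container_port = parts
    elif len(parts) == 2:
        host_port, container_port = parts
    elif len(parts) == 1:
        host_port, container_port = "", parts[0]
    else:
        raise ValueError(f"unrecognised port mapping: {spec!r}")
    return host_ip, host_port, container_port, proto or "tcp"

def reachable_off_host(spec):
    """True when the published port is bound to a non-loopback address."""
    host_ip = split_port_spec(spec)[0]
    if not host_ip:
        return True   # no host IP: Docker publishes on all interfaces by default
    return not ipaddress.ip_address(host_ip).is_loopback

def audit(port_specs, container_port="8080"):
    """Return the mappings that publish container_port beyond loopback."""
    return [s for s in port_specs
            if split_port_spec(s)[2] == container_port and reachable_off_host(s)]

# Constructed sample mappings, as they might appear under `ports:` in a compose file.
SAMPLE = ["8080:8080", "127.0.0.1:8080:8080", "0.0.0.0:8080:8080/tcp",
          "[::1]:8080:8080", "192.168.1.10:8080:8080", "127.0.0.1:9000:9000"]

if __name__ == "__main__":
    for spec in audit(SAMPLE):
        print("published beyond loopback:", spec)
```

Checking the binding itself complements the firewall workaround, which the description notes may not be perfect because of Docker's port forwarding rules.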

Exploit

Information Disclosure

Weakness Enumeration

Related Identifiers

BDU:2025-02582
CVE-2025-27615
GHSA-QF9W-X9QX-2MQ7

Affected Products

Umatigateway