PT-2025-16956 · Ericsson · Erlang/Otp

Published

2025-04-17

Updated

2025-04-24

CVE-2025-32422

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

Name of the Vulnerable Software and Affected Versions Erlang/OTP versions prior to OTP-27.3.3 Erlang/OTP versions prior to OTP-26.2.5.11 Erlang/OTP versions prior to OTP-25.3.2.20

Description The issue concerns Unauthenticated Remote Code Execution in Erlang/OTP. Almost 700K CouchDB instances, which are built on the Erlang/OTP platform, are internet-facing.

Recommendations For versions prior to OTP-27.3.3, update to OTP-27.3.3 or later. For versions prior to OTP-26.2.5.11, update to OTP-26.2.5.11 or later. For versions prior to OTP-25.3.2.20, update to OTP-25.3.2.20 or later.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-32422

Affected Products

Erlang/Otp

PT-2025-16956 · Ericsson · Erlang/Otp

CVE-2025-32422

Related Identifiers

Affected Products

References · 7