CVE-2025-15251

Name of the Vulnerable Software and Affected Versions FastBee versions prior to 2.1

Description A flaw exists in the SIP Message Handler component of FastBee, specifically within the getRootElement function located in the file springboot/fastbee-server/sip-server/src/main/java/com/fastbee/sip/handler/req/ReqAbstractHandler.java. This issue allows for XML External Entity (XXE) reference manipulation, potentially enabling remote attacks. The complexity of exploiting this issue is considered high, and exploitability is difficult.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.