What is CVE-2025-22984?

An access control issue in Thecosy iceCMS v2.2.0 allows unauthenticated attackers to access sensitive information. Organizations should prioritize patching to mitigate this risk.

What is the severity of CVE-2025-22984?

CVE-2025-22984 has a severity rating of HIGH with a CVSS base score of 7.5.

CVE-2025-22984 | High Vulnerability in Thecosy iceCMS

CVE-2025-22984 is a high-severity vulnerability affecting Thecosy iceCMS version 2.2.0. This vulnerability allows unauthorized access to sensitive information through a specific API endpoint. The risk posed by this vulnerability is significant as it does not require any form of authentication, potentially exposing critical data to attackers.

The CVSS score for this vulnerability is 7.5, categorizing it as high severity. The attack vector is network-based, with low complexity and no privileges required for exploitation. The urgency for organizations to address this vulnerability is high, as attackers may leverage this weakness to gain unauthorized access.

Organizations should prioritize patching immediately. Failure to do so can lead to severe consequences, including data breaches and loss of sensitive information.

Currently, there are no known exploits or public proof of concepts available for this vulnerability, but the potential for exploitation remains, making it crucial for organizations to remain vigilant.

Vulnerability Details

The vulnerability is characterized as an access control issue in the component /api/squareComment/DelectSquareById of iceCMS v2.2.0. The official CVE description highlights that unauthenticated attackers can access sensitive information due to this flaw.

This vulnerability is classified under CWE-922, which relates to access control mechanisms that fail to properly restrict access to sensitive data.

With a CVSS score of 7.5, this vulnerability presents a high risk to organizations using the affected version of iceCMS. The publication date of the CVE was January 14, 2025.

Technical Analysis

The root cause of this vulnerability stems from inadequate access controls implemented in the API endpoint. Attackers can exploit this weakness without needing any prior authentication, making it a straightforward target.

The attack vector is network-based, allowing attackers to reach the affected endpoint from anywhere on the internet. The attack complexity is low, as it does not require any privileges or user interaction.

The impact on confidentiality is high, as sensitive data can be accessed by unauthorized individuals. However, there is no impact on integrity or availability.

Risk & Impact Analysis

The real-world deployment risk of this vulnerability is considerable. Organizations utilizing Thecosy iceCMS v2.2.0 must understand that the exposure of sensitive information can lead to severe reputational and legal consequences.

The potential blast radius is broad, as any unauthenticated user can exploit this vulnerability if they can access the network. Organizations must assess their security posture and implement necessary controls to mitigate risks.

Given the high CVSS score, organizations should prioritize addressing this vulnerability within their patch management cycle.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The affected version of iceCMS is 2.2.0. Organizations should ensure they upgrade to the latest version that addresses this vulnerability.

Mitigation & Remediation

Organizations should apply the latest security patches for iceCMS to remediate this vulnerability. If a patch is not available, consider implementing configuration hardening measures to restrict access to the API endpoint.

Monitoring for unusual access patterns and implementing network controls can also help mitigate the risk associated with this vulnerability.

For further guidance on security measures, organizations can refer to our comprehensive penetration testing services.

Detection Guidance

To detect potential exploitation of this vulnerability, organizations should monitor logs for unauthorized access attempts to the affected API endpoint.

Behavioral anomalies and unusual traffic patterns can indicate attempts to exploit the vulnerability.

AppSecure Threat Intelligence Insight

The long-term significance of CVE-2025-22984 lies in its demonstration of the critical need for robust access control mechanisms in API development. This vulnerability highlights the potential risks associated with inadequate security measures.

Security teams must learn from this incident and reinforce their security posture to prevent similar vulnerabilities in the future. Regular security assessments and adherence to security best practices are essential.

For additional resources on securing applications, organizations can explore our articles on vulnerability management programs, penetration testing methodology, and API security best practices to enhance their security framework.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2025-22984: High Vulnerability in Thecosy iceCMS