[Update 24/09/2025] Multiple vulnerabilities in AndSoft's e-TMS
Posted date 19/09/2025
Identificador
INCIBE-2025-0510
Importance
5 - Critical
Affected Resources
- e-TMS, v25.03 version.
Description
INCIBE has coordinated the publication of 40 vulnerabilities: 8 critical, 1 high and 31 medium severity, affecting AndSoft's e-TMS, an integrated transport management software. The vulnerabilities were discovered by Maximilian Hildebrand (m10x.de).
These vulnerabilities have been assigned the following codes, CVSS v4.0 base score, CVSS vector, and CWE vulnerability type for each vulnerability:
- CVE-2025-59735 to CVE-2025-59741: CVSS v4.0: 9.3 | CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-77
- CVE-2025-59742 and CVE-2025-59743: CVSS v4.0: 9.3 | CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-89
- CVE-2025-59744: CVSS v4.0: 8.7 | CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N | CWE-22
- CVE-2025-59745: CVSS v4.0: 6.9 | CVSS AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N | CWE-327
- CVE-2025-59746 to CVE-2025-59774: CVSS v4.0: 5.1 | CVSS AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N | CWE-79
Solution
[Update 24/09/2025]
The vulnerabilities have been resolved in patches e-TMS VNL 25001 and VNL 25010.
Specifically, they were resolved in January 2025. Additionally, as of version v25.04, these vulnerabilities have been completely fixed and are no longer present in the system. AndSoft subjects e-TMS to annual penetration testing in order to guarantee the security of its systems. The last of these tests was carried out in June 2025.
Detail
- Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute operating system commands on the server by sending a POST request. The relationship between parameters and assigned identifiers is as follows:
- CVE-2025-59735: 'm' parameter in '/clt/LOGINFRM.ASP'.
- CVE-2025-59736: 'm' parameter in '/clt/LOGINFRM_DJO.ASP'.
- CVE-2025-59737: 'm' parameter in '/clt/LOGINFRM_LXA.ASP'.
- CVE-2025-59738: 'm' parameter in '/clt/LOGINFRM_BET.ASP'.
- CVE-2025-59739: 'm' parameter in '/clt/LOGINFRM_original.ASP'.
- CVE-2025-59740: 'm' parameter in '/clt/LOGINFRM_CAT.ASP'.
- CVE-2025-59741: 'm' parameter in '/CLT/LOGINERRORFRM.ASP'.
- SQL injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability could allow an attacker to retrieve, create, update, and delete databases by sending a POST request. The relationship between parameters and assigned identifiers is as follows:
- CVE-2025-59742: 'USRMAIL' parameter in'/inc/login/TRACK_REQUESTFRMSQL.ASP'.
- CVE-2025-59743: 'SessionID' cookie in '/inc/connect/CONNECTION.ASP'.
- CVE-2025-59744: Path traversal vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to access files only within the web root using the “docurl” parameter in “/lib/asp/DOCSAVEASASP.ASP”.
- CVE-2025-59745: Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt passwords. MD5 is a cryptographically vulnerable hash algorithm and is no longer considered secure for storing or transmitting passwords. It is vulnerable to collision attacks and can be easily cracked with modern hardware, exposing user credentials to potential risks.
- Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameters and assigned identifiers is as follows:
- CVE-2025-59746: 'm' parameter in '/lib/asp/alert.asp'.
- CVE-2025-59747: 'l' parameter in '/clt/resetPassword.asp'.
- CVE-2025-59748: 'l' and 'reset' parameters in '/clt/changepassword.asp'.
- CVE-2025-59749: 'l' parameter in '/clt/TRACK_REQUEST.ASP'.
- 'l, demo, demo2, TNTLOGIN, UO and SuppConn' parameters in :
- CVE-2025-59750: '/clt/LOGINFRM.ASP'.
- CVE-2025-59751: '/clt/LOGINFRM_DJO.ASP'.
- CVE-2025-59752: '/clt/LOGINFRM_LXA.ASP'.
- CVE-2025-59753: '/clt/LOGINFRM_BET.ASP'.
- CVE-2025-59754: '/clt/LOGINFRM_original.ASP'.
- CVE-2025-59755: '/clt/LOGINFRM_CAT.ASP'.
- CVE-2025-59756: 'SuppConn in /clt/LOGINFRM_CON.ASP'.
- CVE-2025-59757: '/clt/LOGINFRM_CATOLD.ASP'.
- CVE-2025-59758: '/clt/LOGINFRM_CYLOG.ASP'.
- CVE-2025-59759: '/clt/LOGINFRM_DELCROIX.ASP'.
- CVE-2025-59760: '/clt/LOGINFRM_DHL.ASP'.
- CVE-2025-59761: '/clt/LOGINFRM_DLG.ASP'.
- CVE-2025-59762: '/clt/LOGINFRM_EFLOG.ASP'.
- CVE-2025-59763: '/clt/LOGINFRM_EK.ASP'.
- CVE-2025-59764: '/clt/LOGINFRM_FCC.ASP'.
- CVE-2025-59765: '/clt/LOGINFRM_LF.ASP'.
- CVE-2025-59766: '/clt/LOGINFRM_LT.ASP'.
- CVE-2025-59767: '/clt/LOGINFRM_LVE.ASP'.
- CVE-2025-59768: '/clt/LOGINFRM_MNG.ASP'.
- CVE-2025-59769: '/clt/LOGINFRM_MOL.ASP'.
- CVE-2025-59770: '/clt/LOGINFRM_MON.ASP'.
- CVE-2025-59771: '/clt/LOGINFRM_MRK.ASP'.
- CVE-2025-59772: '/clt/LOGINFRM_SIL.ASP'.
- CVE-2025-59773: '/clt/LOGINFRM_TP.ASP'.
- CVE-2025-59774: '/clt/LOGINFRM_VON.ASP'.
CVE
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59735
Severidad
Crítica
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59736
Severidad
Crítica
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59737
Severidad
Crítica
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59738
Severidad
Crítica
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59739
Severidad
Crítica
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59740
Severidad
Crítica
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59741
Severidad
Crítica
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59742
Severidad
Crítica
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59743
Severidad
Crítica
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59744
Severidad
Alta
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59745
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59746
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59747
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59748
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59749
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59750
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59751
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59752
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59753
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59754
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59755
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59756
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59757
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59758
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59759
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59760
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59761
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59762
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59763
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59764
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59765
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59766
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59767
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59768
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59769
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59770
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59771
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59772
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59773
Severidad
Media
Explotación
No
Nuevo Fabricante
AndSoft
Identificador CVE
CVE-2025-59774
Severidad
Media
References list
Etiquetas
