VYPR
Unrated severityNVD Advisory· Published May 14, 2025· Updated Jan 20, 2026

iTop server vulnerable to portal code injection

CVE-2025-24022

Description

iTop is an web based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Combodo/Itopllm-fuzzy2 versions
    < 3.2.1 or < 3.1.3 or < 2.7.12+ 1 more
    • (no CPE)range: < 3.2.1 or < 3.1.3 or < 2.7.12
    • (no CPE)range: < 2.7.12

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.