Vulnerability Details CVE-2025-14518
A vulnerability was identified in PowerJob up to 5.1.2. This vulnerability affects the function checkConnectivity of the file src/main/java/tech/powerjob/common/utils/net/PingPongUtils.java of the component Network Request Handler. The manipulation of the argument targetIp/targetPort leads to server-side request forgery. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.2%
CVSS Severity
CVSS v3 Score 6.3
CVSS v2 Score 6.5
References
- https://github.com/PowerJob/PowerJob/issues/1144
- https://github.com/PowerJob/PowerJob/issues/1144#issue-3673393002
- https://vuldb.com/?ctiid.335856
- https://vuldb.com/?id.335856
- https://vuldb.com/?submit.702896
- https://github.com/PowerJob/PowerJob/issues/1144
- https://github.com/PowerJob/PowerJob/issues/1144#issue-3673393002
Products affected by CVE-2025-14518
-
cpe:2.3:a:powerjob:powerjob:1.0.0
-
cpe:2.3:a:powerjob:powerjob:1.1.0
-
cpe:2.3:a:powerjob:powerjob:1.1.1
-
cpe:2.3:a:powerjob:powerjob:1.2.0
-
cpe:2.3:a:powerjob:powerjob:1.2.1
-
cpe:2.3:a:powerjob:powerjob:2.0.0
-
cpe:2.3:a:powerjob:powerjob:3.0.0
-
cpe:2.3:a:powerjob:powerjob:3.0.1
-
cpe:2.3:a:powerjob:powerjob:3.1.0
-
cpe:2.3:a:powerjob:powerjob:3.1.1
-
cpe:2.3:a:powerjob:powerjob:3.1.2
-
cpe:2.3:a:powerjob:powerjob:3.1.3
-
cpe:2.3:a:powerjob:powerjob:3.2.0
-
cpe:2.3:a:powerjob:powerjob:3.2.1
-
cpe:2.3:a:powerjob:powerjob:3.2.2
-
cpe:2.3:a:powerjob:powerjob:3.2.3
-
cpe:2.3:a:powerjob:powerjob:3.3.0
-
cpe:2.3:a:powerjob:powerjob:3.3.1
-
cpe:2.3:a:powerjob:powerjob:3.3.2
-
cpe:2.3:a:powerjob:powerjob:3.3.3
-
cpe:2.3:a:powerjob:powerjob:3.4.0
-
cpe:2.3:a:powerjob:powerjob:3.4.1
-
cpe:2.3:a:powerjob:powerjob:3.4.2
-
cpe:2.3:a:powerjob:powerjob:3.4.3
-
cpe:2.3:a:powerjob:powerjob:3.4.4
-
cpe:2.3:a:powerjob:powerjob:3.4.5
-
cpe:2.3:a:powerjob:powerjob:3.4.6
-
cpe:2.3:a:powerjob:powerjob:3.4.7
-
cpe:2.3:a:powerjob:powerjob:3.4.8
-
cpe:2.3:a:powerjob:powerjob:4.0.0
-
cpe:2.3:a:powerjob:powerjob:4.0.1
-
cpe:2.3:a:powerjob:powerjob:4.1.0
-
cpe:2.3:a:powerjob:powerjob:4.1.1
-
cpe:2.3:a:powerjob:powerjob:4.2.0
-
cpe:2.3:a:powerjob:powerjob:4.2.1
-
cpe:2.3:a:powerjob:powerjob:4.3.0
-
cpe:2.3:a:powerjob:powerjob:4.3.1
-
cpe:2.3:a:powerjob:powerjob:4.3.2
-
cpe:2.3:a:powerjob:powerjob:4.3.3
-
cpe:2.3:a:powerjob:powerjob:4.3.4
-
cpe:2.3:a:powerjob:powerjob:4.3.5
-
cpe:2.3:a:powerjob:powerjob:4.3.6
-
cpe:2.3:a:powerjob:powerjob:4.3.7
-
cpe:2.3:a:powerjob:powerjob:4.3.8
-
cpe:2.3:a:powerjob:powerjob:4.3.9
-
cpe:2.3:a:powerjob:powerjob:5.0.0
-
cpe:2.3:a:powerjob:powerjob:5.0.1
-
cpe:2.3:a:powerjob:powerjob:5.1.0
-
cpe:2.3:a:powerjob:powerjob:5.1.1
-
cpe:2.3:a:powerjob:powerjob:5.1.2