
CVE-2025-49127: Kafbat UI vulnerable to Remote Code Execution by JMX in Metrics Configuration

8.9 CVSS

Description

Kafbat UI is a web user interface for managing Apache Kafka clusters. Version 1.0.0 contains an unsafe deserialization flaw (CWE-502) reachable through the JMX metrics configuration, and any unauthenticated user can use it to execute arbitrary code on the server hosting Kafbat UI. Version 1.1.0 fixes the issue. Instances running 1.0.0 should be upgraded to 1.1.0 or later; because the flaw is reachable over the network without credentials (AV:N, PR:N in the vector below), an instance that cannot be upgraded promptly should at minimum not be exposed to untrusted networks.
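The first thing a practitioner needs from this advisory is an answer to "which of my Kafbat UI deployments are affected?". The script below is an added example, not code from the kafbat/kafka-ui project: it parses release tags in the form used on the project's GitHub release page (`v1.1.0`, with or without the `v`), compares them against the fixed version 1.1.0, and flags tags it cannot parse (such as a floating `latest` image tag) for manual review instead of silently passing them. The page names only 1.0.0 as affected and 1.1.0 as fixed; treating every version below 1.1.0, including 1.1.0 pre-releases, as affected is this script's own conservative assumption. The inventory at the bottom is constructed sample data.

```python
"""Triage a fleet inventory of Kafbat UI deployments against CVE-2025-49127.

Added example, not code from the kafbat/kafka-ui project. The advisory text
states that 1.0.0 is affected and 1.1.0 fixes the issue; treating every tag
that sorts below 1.1.0 as affected is an assumption made here.
"""
import re
from typing import NamedTuple, Optional, Tuple

# First fixed release per the advisory. The trailing 1 marks a final release;
# pre-releases of the same core version get 0 so they sort below it.
FIXED_KEY: Tuple[int, int, int, int] = (1, 1, 0, 1)

# Accepts "1.1.0", "v1.1.0", "v1.1.0-rc1", "1.1.0+build7".
_TAG_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)(-[0-9A-Za-z.-]+)?(\+[0-9A-Za-z.-]+)?$")


class Finding(NamedTuple):
    host: str
    tag: str
    affected: bool
    reason: str


def version_key(tag: str) -> Optional[Tuple[int, int, int, int]]:
    """Return a sortable key for a release tag, or None if the tag is not a
    semantic version (e.g. a floating Docker tag such as 'latest')."""
    m = _TAG_RE.match(tag.strip())
    if not m:
        return None
    major, minor, patch, prerelease, _build = m.groups()
    # A pre-release (1.1.0-rc1) precedes its final release (1.1.0); build
    # metadata does not affect ordering.
    return (int(major), int(minor), int(patch), 0 if prerelease else 1)


def is_affected(tag: str) -> bool:
    """True when the tag sorts below the first fixed release (assumption:
    everything older than 1.1.0 is affected). Raises on unparsable tags."""
    key = version_key(tag)
    if key is None:
        raise ValueError(f"unrecognised version tag: {tag!r}")
    return key < FIXED_KEY


def triage(inventory):
    """inventory: iterable of (host, tag) pairs. Returns one Finding per entry.

    Unparsable tags are reported as affected with a 'review manually' reason
    rather than dropped, so an instance pinned to 'latest' cannot slip through
    the report as clean.
    """
    findings = []
    for host, tag in inventory:
        key = version_key(tag)
        if key is None:
            findings.append(Finding(host, tag, True, "unparsable tag; review manually"))
        elif key < FIXED_KEY:
            findings.append(Finding(host, tag, True, "older than 1.1.0; upgrade"))
        else:
            findings.append(Finding(host, tag, False, "1.1.0 or later"))
    return findings


# Constructed sample inventory (hypothetical hosts and tags).
SAMPLE_INVENTORY = [
    ("kafka-ui-prod-1", "v1.0.0"),
    ("kafka-ui-staging", "1.1.0"),
    ("kafka-ui-dev", "v1.1.0-rc1"),
    ("kafka-ui-legacy", "latest"),
]

if __name__ == "__main__":
    for f in triage(SAMPLE_INVENTORY):
        status = "AFFECTED" if f.affected else "ok"
        print(f"{f.host:18} {f.tag:12} {status:9} {f.reason}")
```

Feed it the image tags from your container registry or the version strings from a deployment inventory; anything it reports as "review manually" needs the actual running version confirmed by hand before it is considered patched.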

Classification

CVE ID: CVE-2025-49127

CVSS Base Severity: HIGH

CVSS Base Score: 8.9

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P (network-reachable, no privileges or user interaction required, high impact on confidentiality, integrity and availability of the vulnerable system; the threat metric E:P indicates proof-of-concept exploit maturity)

Problem Types

CWE-502: Deserialization of Untrusted Data

Affected Products

Vendor: kafbat

Product: kafka-ui

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.12% (estimated probability of exploitation in the wild within the next 30 days)

EPSS Percentile: 31.19% (share of all scored CVEs with an EPSS score less than or equal to this one)

EPSS Date: 2025-06-27 (date the score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-49127
https://github.com/kafbat/kafka-ui/security/advisories/GHSA-g3mf-c374-fgh2
https://github.com/kafbat/kafka-ui/releases/tag/v1.1.0

Timeline