CVE-2025-2277 - AskarLabs CVE Database

CVE-2025-2277

Vendor Devolutions

Product Server

Weakness CWE-200 · Info exposure

Published March 13, 2025

Last update March 18, 2025

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

Exposure of password in web-based SSH authentication component in Devolutions Server 2024.3.13 and earlier allows a user to unadvertently leak his SSH password due to missing password masking.

Key dates

02Disclosure timeline

March 13, 2025 CVE published

March 18, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-2277 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2025-30214 Frappe vulnerable to information disclosure leading to account takeover CVE-2023-2749 A Gain Information vulnerability was found on Download Center. CVE-2026-54396 MISP AuthKey edit endpoint allows authenticated user email enumeration CVE-2026-2976 FastApiAdmin Download Endpoint controller.py download_controller information disclosure CVE-2025-7394