OneUptime Under Attack: CVE-2025-66028 Exposes Privilege Escalation Risk

Overview

CVE-2025-66028 describes a privilege escalation vulnerability in OneUptime, an open-source platform for monitoring and managing online services. The flaw lets an attacker reach the admin dashboard interface by tampering with the server's login response before their own client processes it; the attacker does not need to compromise the server to do so.

Technical Details

The flaw is in the login flow of OneUptime versions prior to 8.0.5567. The server's login response carried a field named isMasterAdmin, and the client used that field to decide whether to show the admin dashboard. A user logged in to an ordinary account controls their own client, so they could intercept the login response (for example with an intercepting proxy) and change isMasterAdmin from false to true; the front end then rendered the admin dashboard interface. The root cause is a client-side authorization decision: a value sent to the client is, by definition, under the client's control and can only ever be a rendering hint, never the check itself. Accordingly, reaching the dashboard UI does not by itself hand the attacker the data behind it. What they can actually view or change is bounded by the server-side permissions of their underlying account, and the real question for any deployment is how strictly the APIs behind those screens enforce them.

CVSS Analysis

At the time of writing, both the Severity and the CVSS Score for CVE-2025-66028 are listed as N/A; no official base score had been assigned. A proper CVSS base score would have to be calculated to reflect the exploitability and impact of this vulnerability. The factors that go into it are the attack vector, attack complexity, privileges required, user interaction, scope, and the confidentiality, integrity and availability impacts. For this issue the privileges-required and impact metrics are the decisive ones: the attacker modifies their own login response, so a valid account is needed, and the impact depends on how much the APIs behind the dashboard actually expose to a non-admin session rather than on the UI being reachable.

Possible Impact

An attacker does not gain full control of the system from the UI alone, but access to the admin dashboard can be a stepping stone for further malicious activity. Each of the impacts below is conditional on the server-side authorization behind the affected screens being weak or absent, so they are potential rather than confirmed:

  • Information disclosure: viewing sensitive configuration data or monitoring information that the admin screens load.
  • Service disruption: altering configuration through the admin interface in ways that cause outages.
  • Further exploitation: using the exposed admin functionality as a base from which to probe for endpoints that enforce permissions less strictly.

Mitigation and Patch Steps

The vulnerability is patched in OneUptime version 8.0.5567 (see the commit in the references). All OneUptime users should upgrade to this version or later. If upgrading is not immediately possible, restrict network-level access to the OneUptime instance and monitor for suspicious activity. Note that the login itself is legitimate in this attack, so monitoring failed or unusual login attempts alone will not catch it; the useful signal is a session belonging to an account that is not a master admin requesting admin-only dashboard routes or APIs, whether those requests are rejected or not.
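One way to implement that monitoring, as an added example that is not OneUptime's code or logging format: correlate each session's login record (the server-side isMasterAdmin value as recorded at login, which a tampered response cannot change) with the routes that session later requests. The JSON-lines log, route prefixes, session ids and user names are constructed for the demo.

```javascript
// Added example (not OneUptime code): flag sessions that the server recorded
// as non-admin at login and that later request admin-only routes. The log
// format, route prefixes and identifiers are constructed for this demo.

const ADMIN_ROUTE_PREFIXES = ['/admin', '/api/admin']; // hypothetical

// Constructed JSON-lines access log: one login per session, then requests.
// s2 is a non-admin session probing admin routes; s9 never logged in.
const SAMPLE_LOG = `
{"ts":"2025-12-01T10:00:01Z","event":"login","session":"s1","user":"alice","isMasterAdmin":true,"ip":"10.0.0.5"}
{"ts":"2025-12-01T10:00:02Z","event":"login","session":"s2","user":"mallory","isMasterAdmin":false,"ip":"203.0.113.9"}
{"ts":"2025-12-01T10:00:10Z","event":"request","session":"s1","path":"/admin/users","status":200}
{"ts":"2025-12-01T10:00:12Z","event":"request","session":"s2","path":"/dashboard","status":200}
{"ts":"2025-12-01T10:00:15Z","event":"request","session":"s2","path":"/admin/users","status":403}
{"ts":"2025-12-01T10:00:16Z","event":"request","session":"s2","path":"/api/admin/settings","status":403}
{"ts":"2025-12-01T10:00:20Z","event":"request","session":"s9","path":"/admin/users","status":401}
`;

function parseLog(text) {
  return text.split('\n').filter(l => l.trim()).map(l => JSON.parse(l));
}

// Exact match or a path segment below the prefix; "/administrator" must not match "/admin".
function isAdminRoute(path) {
  return ADMIN_ROUTE_PREFIXES.some(p => path === p || path.startsWith(p + '/'));
}

// Returns one finding per offending session. The decision keys on the
// server-recorded admin flag, not on the response status: a 200 on an admin
// route from a non-admin session would be the worst case, not a non-event.
function detectAdminProbing(records) {
  const sessions = new Map();
  for (const rec of records) {
    if (rec.event === 'login') {
      sessions.set(rec.session, { user: rec.user, isMasterAdmin: rec.isMasterAdmin, ip: rec.ip, hits: [] });
    } else if (rec.event === 'request' && isAdminRoute(rec.path)) {
      let s = sessions.get(rec.session);
      if (!s) {
        // No login seen for this session id: treat as non-admin and keep it.
        s = { user: null, isMasterAdmin: false, ip: null, hits: [] };
        sessions.set(rec.session, s);
      }
      if (!s.isMasterAdmin) s.hits.push(rec.path);
    }
  }
  const findings = [];
  for (const [id, s] of sessions) {
    if (s.hits.length === 0) continue;
    findings.push({
      session: id,
      user: s.user,
      ip: s.ip,
      reason: s.user ? 'non-admin session requested admin routes' : 'admin route requested by session with no recorded login',
      paths: s.hits,
    });
  }
  return findings;
}

console.log(detectAdminProbing(parseLog(SAMPLE_LOG)));
```

In a real deployment the login record would come from the application's own audit log and the route list from its router, and a finding would feed an alert that includes the account and source address so the session can be revoked.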

References

OneUptime Commit 3e72b2a9a4f50f98cf1f6cf13fa3e405715bb370 (Patch)
GHSA-675q-66gf-gqg8 (GitHub Security Advisory)

Cybersecurity specialist and founder of Gowri Shankar Infosec - a professional blog dedicated to sharing actionable insights on cybersecurity, data protection, server administration, and compliance frameworks including SOC 2, PCI DSS, and GDPR.
