CVE-2025-61301
HIGH 7.5
Description
Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py in CAPEv2 (commit 52e4b43, on 2025-05-17) allows attackers who can submit samples to cause incomplete or missing behavioral analysis reports by generating deeply nested or oversized behavior data that trigger MongoDB BSON limits or orjson recursion errors when the sample executes in the sandbox.
CVE Details
CVSS v3.1 score: 7.5
Severity: HIGH
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack vector: NETWORK
Complexity: LOW
Privileges required: NONE
User interaction: NONE
Published: 10/20/2025
Last modified: 10/21/2025
Source: nvd
Honeypot sightings: 0
Weaknesses (CWE)
CWE-400
References
http://capev2.com (cve@mitre.org)
https://github.com/eGkritsis/CVE-2025-61301 (cve@mitre.org)
https://github.com/kevoreilly/CAPEv2 (cve@mitre.org)
IOC correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.