Warning: Remote code execution vulnerability in AndSoft's e-TMS, Patch Immediately!

Image
Decorative image
Published : 03/10/2025

 

    * Last update:  03/10/2025
   
    * Affected software: AndSoft's e-TMS
 
    * Type: Remote code execution
 
    * CVE/CVSS
        → CVE-2025-59735: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

 

Sources

NIST https://nvd.nist.gov/vuln/detail/CVE-2025-59735
 

Risks

A critical security flaw (CVE-2025-59735) has been found in AndSoft’s e-TMS software that could allow attackers to take full control of affected systems remotely. This means sensitive data could be stolen, operations disrupted, or the system could be used to launch further attacks. There is a high impact on the confidentiality, integrity and availability of the server data.

Description

A vulnerable web application hosting AndSoft's e-TMS can be exploited by a malicious actor to perform remote code execution. The vulnerable web pages are developed in ASP .NET and have a security flaw wherein the "m" parameter is used for sending commands in a POST request.

Recommended Actions

 
Patch  
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.

This vulnerability is fixed as of version v25.04 

Monitor/Detect 

The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
 
In case of an intrusion, you can report an incident via: https://ccb.belgium.be/report-incident.

While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
 
 

References

INCIBE https://www.incibe.es/en/incibe-cert/notices/aviso/update-24092025-multiple-vulnerabilities-andsofts-e-tms