CVE-2025-43801
HIGHDescription
Unchecked input for loop condition vulnerability in XML-RPC in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0, 2023.Q3.1 through 2023.Q3.4, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions allows remote attackers to perform a denial-of-service (DoS) attacks via a crafted XML-RPC request.
Is your site exposed to CVE-2025-43801?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | digital_experience_platform |
| liferay | liferay_portal |
References
Frequently Asked Questions
What is CVE-2025-43801? +
How severe is CVE-2025-43801? +
What products are affected by CVE-2025-43801? +
How do I check if I'm vulnerable to CVE-2025-43801? +
Related Vulnerabilities
A denial of service (DoS) vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a …
.NET and Visual Studio Denial of Service Vulnerability
OFPPacketQueue in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via OFPQueueProp.len=0.
Relative Path Traversal vulnerabilities in ASPECT allow access to file resources if session administrator credentials become compromised. This issue affects …
An Unchecked Input for Loop Condition vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX …
SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that …