CVE-2025-34156

UNKNOWN 0.0

Tibbo AggreGate Network Manager < 6.40.05 System Information Exposure

CVSS Score

0.0

EPSS Score

0.0%

EPSS Percentile

0th

Tibbo AggreGate Network Manager < 6.40.05 exposes sensitive system information through an unauthenticated endpoint at /cwmp/happyaxis.jsp. The page discloses Java system properties, server path details, and version information to unauthorized users, resulting in information disclosure that could aid further compromise.

CWE	CWE-497
Vendor	tibbo systems
Product	aggregate network manager
Published	Oct 23, 2025
Last Updated	May 14, 2026

Stay Ahead of the Next One

Get instant alerts for tibbo systems aggregate network manager

Be the first to know when new unknown vulnerabilities affecting tibbo systems aggregate network manager are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

Affected Versions

Tibbo Systems / AggreGate Network Manager

0 < 6.40.05

References

NVD ↗ CVE.org ↗ EPSS Data ↗

aggregate.digital: https://aggregate.digital/downloads.html aggregate.digital: https://aggregate.digital/products/network-manager.html vulncheck.com: https://www.vulncheck.com/advisories/tibbo-aggregate-network-manager-system-information-exposure

Credits

Alex Williams from Pellera Technologies