RCE in Ibi Webfocus
CVE-2025-11548
A remote, unauthenticated privilege escalation in ibi WebFOCUS allows an attacker to gain administrative access to the application which may lead to unauthenticated Remote Code Execution
Vulnerability class: RCE (Remote Code Execution)
EPSS: 0.005 (37.6th percentile) — read the EPSS interpretation.
Affected products
- Ibi Webfocus — versions 9.1, 9.2