CVE-2025-69907 in OmniDocs
Summary
by MITRE • 01/23/2026
An unauthenticated information disclosure vulnerability exists in Newgen OmniDocs due to missing authentication and access control on the /omnidocs/GetListofCabinet API endpoint. A remote attacker can access this endpoint without valid credentials to retrieve sensitive internal configuration information, including cabinet names and database-related metadata. This allows unauthorized enumeration of backend deployment details and may facilitate further targeted attacks.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
Analysis
by VulDB Data Team • 01/24/2026
This vulnerability represents a critical security flaw in Newgen OmniDocs software where the /omnidocs/GetListofCabinet API endpoint lacks proper authentication and access control mechanisms. The absence of credential verification allows any remote attacker to access sensitive internal configuration data without requiring valid user credentials or administrative privileges. This represents a fundamental breakdown in the application's security architecture and violates core principles of secure coding practices. The vulnerability is classified as an authentication bypass issue that enables unauthorized information disclosure, which directly maps to CWE-287 Authentication Bypass and CWE-200 Information Exposure. The flaw exists at the API level where proper access control validation should be implemented but is completely missing, creating an entry point for threat actors to gather intelligence about the system's internal structure.
The technical impact of this vulnerability extends beyond simple data exposure as it provides attackers with detailed information about the backend deployment architecture. Specifically, the endpoint reveals cabinet names and database-related metadata that can be used to understand the system's organizational structure and data storage patterns. This information disclosure creates a significant risk for attackers who can use the enumerated data to plan more sophisticated attacks targeting specific components or data repositories within the OmniDocs environment. The lack of authentication checks means that this vulnerability can be exploited by anyone with network access to the affected system, making it particularly dangerous in environments where such endpoints are exposed to untrusted networks or the internet.
From an operational perspective, this vulnerability significantly increases the attack surface for Newgen OmniDocs installations and can facilitate a range of subsequent attacks. The leaked cabinet names and database metadata provide attackers with valuable reconnaissance information that can be used for targeted exploitation of other system components. Threat actors can leverage this information to craft more effective attacks against database systems, identify potential data repositories of interest, or plan privilege escalation attempts. The vulnerability aligns with ATT&CK technique T1213 Data from Information Repositories, where adversaries collect information about the system's data storage and organizational structure. This intelligence gathering phase can lead to more serious consequences including data exfiltration, system compromise, or further reconnaissance activities targeting interconnected systems.
The recommended mitigations for this vulnerability involve implementing proper authentication and access control measures on the affected API endpoint. Organizations should ensure that all API endpoints requiring access to internal configuration data require valid authentication credentials and appropriate authorization checks. This includes implementing role-based access control where only authorized users or systems can access sensitive information. Additionally, the system should enforce proper input validation and implement rate limiting to prevent automated enumeration attacks. Security configurations should be reviewed to ensure that sensitive endpoints are not exposed to untrusted networks without proper security controls in place. The fix should align with security best practices outlined in NIST SP 800-53 and ISO/IEC 27001 standards for access control and information security management. Organizations should also conduct comprehensive security assessments to identify similar vulnerabilities in other API endpoints and implement automated security testing to prevent future occurrences of this class of vulnerability.