Following the fix for CVE-2025-11093, WSO2 extended the Script Mediator class blacklist to cover all supported scripting engines. The extended blacklist blocks java.lang.Runtime, java.lang.ProcessBuilder, java.io.*, and other known dangerous classes. However, the blacklist is incomplete: the JNA library (com.sun.jna.*), bundled with WSO2 API Manager, provides direct access to native system calls through classes that are not blacklisted.
The Java NIO.2 API (java.nio.file.*) is also not blacklisted, despite providing arbitrary filesystem access equivalent to the blocked java.io classes. An attacker can use java.nio.file.Files and java.nio.file.Paths to read, write, and delete files on the server, including deploying a JSP web shell directly.
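As an added defensive example (not code from the original advisory or from WSO2), the following Python script audits Synapse sequence XML for `<script>` mediators that reference the class namespaces discussed above: the ones the extended blacklist already blocks (java.lang.Runtime, java.lang.ProcessBuilder, java.io.*) and the two the advisory identifies as unlisted (com.sun.jna.*, java.nio.file.*). The sample configuration, the class name `com.sun.jna.SomeClass`, and the regular expressions for how script engines spell Java class references (`Java.type("...")`, `Packages.x.y.Z`, bare fully qualified names) are constructed assumptions; run it against real deployment artifacts as a pre-deployment gate or a one-off sweep of existing mediators.

```python
import re
import xml.etree.ElementTree as ET

SYNAPSE_NS = "http://ws.apache.org/ns/synapse"

# Classes and package prefixes the extended Script Mediator blacklist blocks,
# as named in the advisory. Exact class names are matched exactly so that
# e.g. java.lang.RuntimeException is not mistaken for java.lang.Runtime.
BLACKLISTED_CLASSES = {"java.lang.Runtime", "java.lang.ProcessBuilder"}
BLACKLISTED_PREFIXES = ("java.io.",)

# Prefixes the advisory reports as NOT covered by the blacklist (audit list
# assumed here; extend it as your own review of the engine surface requires).
UNLISTED_RISKY_PREFIXES = ("com.sun.jna.", "java.nio.file.")

# Assumed spellings of Java class access from Rhino/Nashorn-style engines.
_JAVA_TYPE_RE = re.compile(r'Java\.type\(\s*["\']([\w.$]+)["\']\s*\)')
_PACKAGES_RE = re.compile(r'\bPackages\.([\w.$]+)')
_FQCN_RE = re.compile(r'\b((?:java|javax|com|org|sun)\.[\w.$]+)')


def extract_class_refs(script_text):
    """Collect every Java class/package reference found in a script body."""
    refs = set()
    for pattern in (_JAVA_TYPE_RE, _PACKAGES_RE, _FQCN_RE):
        refs.update(pattern.findall(script_text))
    return refs


def classify(ref):
    """Return 'blacklisted', 'unlisted-risky', or None for a class reference."""
    if ref in BLACKLISTED_CLASSES or ref.startswith(BLACKLISTED_PREFIXES):
        return "blacklisted"
    if ref.startswith(UNLISTED_RISKY_PREFIXES):
        return "unlisted-risky"
    return None


def audit_synapse_config(xml_text):
    """Return one finding per flagged class reference in each <script> mediator."""
    root = ET.fromstring(xml_text)
    findings = []
    for script in root.iter(f"{{{SYNAPSE_NS}}}script"):
        language = script.get("language", "?")
        body = script.text or ""
        for ref in sorted(extract_class_refs(body)):
            verdict = classify(ref)
            if verdict is not None:
                findings.append({"language": language, "class": ref, "verdict": verdict})
    return findings


# Constructed sample sequence: one mediator touching the unlisted namespaces,
# one touching an already-blacklisted package, one benign payload transform.
SAMPLE_CONFIG = """<sequence xmlns="http://ws.apache.org/ns/synapse" name="audit-sample">
  <script language="js"><![CDATA[
    var Files = Java.type("java.nio.file.Files");
    var Paths = Java.type("java.nio.file.Paths");
    var jna = Packages.com.sun.jna.SomeClass;
  ]]></script>
  <script language="js"><![CDATA[
    var f = new java.io.File("/tmp/constructed-example");
  ]]></script>
  <script language="js"><![CDATA[
    mc.setPayloadJSON({"status": "ok"});
  ]]></script>
</sequence>
"""


if __name__ == "__main__":
    for finding in audit_synapse_config(SAMPLE_CONFIG):
        print(f"[{finding['verdict']}] {finding['language']}: {finding['class']}")
```

Findings tagged `blacklisted` are already refused by a patched Script Mediator and are listed only to show which scripts would break; `unlisted-risky` findings are the ones that need review on a gateway where the blacklist is the only control. Because this is a name-based denylist, treat it as a triage aid rather than a guarantee: the durable control is to restrict who can deploy mediator configurations (the APIGatewayAdmin service path discussed in this advisory) and to run the gateway with the least filesystem and native-library access it needs.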
In vulnerable versions, this is exploitable via the APIGatewayAdmin SOAP service, which lacks proper authorisation checks prior to version 4.5.0 (CVE-2025-9804). When combined with authentication bypass vulnerabilities (CVE-2025-9152, CVE-2025-10611), this becomes a pre-auth remote code execution chain.
This vulnerability was responsibly disclosed and has been patched by the vendor.
The vendor opted not to assign a CVE for this vulnerability.