exploitDog

GHSA-5rqh-29cg-rcqm

Опубликовано: 30 дек. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

inMusic Brands Engine DJ 4.3.0 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.

inMusic Brands Engine DJ 4.3.0 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.

Ссылки

EPSS

Процентиль: 13%

0.00044

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-732

Связанные уязвимости

CVE-2025-66723

CVSS3: 7.5

nvd

около 1 месяца назад

inMusic Brands Engine DJ before 4.3.4 suffers from Insecure Permissions due to exposed HTTP service in the Remote Library, which allows attackers to access all files and network paths.

EPSS

Процентиль: 13%

0.00044

Низкий

7.5 High

CVSS3

CVE ID

Дефекты

CWE-732