exploitDog

GHSA-qq3g-q238-5q86

Опубликовано: 27 мая 2025

Источник: github

Github: Не прошло ревью

CVSS4: 9.3

Описание

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5.

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5.

Ссылки

EPSS

Процентиль: 20%

0.00063

Низкий

9.3 Critical

CVSS4

CVE ID

Дефекты

CWE-306

Связанные уязвимости

CVE-2025-2407

nvd

9 месяцев назад

Missing Authentication & Authorization in Web-API in Mobatime AMX MTAPI v6 on IIS allows adversaries to unrestricted access via the network. The vulnerability is fixed in Version 1.5.

EPSS

Процентиль: 20%

0.00063

Низкий

9.3 Critical

CVSS4

CVE ID

Дефекты

CWE-306