CVE-2025-10070

Опубликовано: 07 сент. 2025

Источник: nvd

CVSS3: 6.3

CVSS2: 6.5

EPSS Низкий

Описание

A flaw has been found in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /enturmacao-em-lote/. This manipulation causes improper access controls. The attack is possible to be carried out remotely. The exploit has been published and may be used.

Ссылки

https://github.com/marcelomulder/CVE/blob/main/i-educar/Broken%20Access%20Control%20Vulnerability%20%20in%20%60.enturmacao-em-lote.(ID)%60%20Endpoint.md
Broken Link
https://github.com/marcelomulder/CVE/blob/main/i-educar/CVE-2025-10070.md
Exploit
Third Party Advisory
https://vuldb.com/?ctiid.323018
Permissions Required
VDB Entry
https://vuldb.com/?id.323018
Third Party Advisory
VDB Entry
https://vuldb.com/?submit.644133
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:portabilis:i-educar:*:*:*:*:*:*:*:*

Версия до 2.10.0 (включая)

EPSS

Процентиль: 19%

0.00061

Низкий

6.3 Medium

CVSS3

6.5 Medium

CVSS2

Дефекты

CWE-266

Связанные уязвимости

GHSA-w3xx-pmr6-fvqg