exploitDog

CVE-2025-25950

Опубликовано: 03 мар. 2025

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administrator account.

Ссылки

https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2024-89637
Broken Link
Not Applicable
https://github.com/VvV1per/Vulnerability-Research-CVEs/tree/main/CVE-2025-25950
Third Party Advisory
https://github.com/el-viper/cve-research/tree/main/CVEs/CVE-2025-25950

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:serosoft:academia_student_information_system:eagler-1.0.118:*:*:*:*:*:*:*

EPSS

Процентиль: 29%

0.00103

Низкий

8.1 High

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-44rm-j4gx-rrg2

CVSS3: 8.1

github

11 месяцев назад

Incorrect access control in the component /rest/staffResource/update of Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) EagleR v1.0.118 allows create and modify user accounts, including an Administrator account.

EPSS

Процентиль: 29%

0.00103

Низкий

8.1 High

CVSS3

Дефекты

CWE-284