CVE-2025-24343 - CERT CVE

  1. CVE-2025-24343

ID CVE-2025-24343
Sažetak A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows a remote authenticated (low-privileged) attacker to write arbitrary files in arbitrary file system paths via a crafted HTTP request.
Reference
CVSS
Base: 5.4
Impact: 2.5
Exploitability:2.8
Pristup
VektorSloženostAutentikacija
NETWORK LOW LOW
Impact
PovjerljivostCjelovitostDostupnost
NONE LOW LOW
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
Zadnje važnije ažuriranje 02-05-2025 - 13:53
Objavljeno 30-04-2025 - 12:15