PT-2025-13062 · Palscode · Palscode Support Genix

Astra.R3Verii

Publicado

2025-03-27

Atualizado

2025-03-29

CVE-2025-30777

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions PalsCode Support Genix versions 1.4.11 and earlier

Description The issue allows for authorization bypass through a user-controlled key, exploiting incorrectly configured access control security levels.

Recommendations For versions 1.4.11 and earlier, update to a version that fixes the authorization bypass issue. As a temporary workaround, consider restricting access to sensitive areas of Support Genix to minimize the risk of exploitation.

Correção

IDOR

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-639

Identificadores relacionados

CVE-2025-30777

Produtos afetados

Palscode Support Genix

PT-2025-13062 · Palscode · Palscode Support Genix

CVE-2025-30777

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5