PT-2025-37287 · Unknown · Roncoo-Pay
Aibot88
·
Publicado
2025-09-12
·
Atualizado
2025-09-12
·
CVE-2025-10288
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
roncoo-pay (affected versions not specified)
Description:
A vulnerability exists in roncoo-pay that allows for improper authentication. The issue is related to manipulation of an unknown function within the
/user/info/list file. This allows for remote exploitation. The exploit has been made public. The vendor was contacted but did not respond.Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Authentication
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Roncoo-Pay