Unknown · Roadcute Api · CVE-2025-52395
Name of the Vulnerable Software and Affected Versions:
Roadcute API version 1
Description:
An issue in the application allows a remote attacker to execute arbitrary code via an insecure password reset API endpoint. The endpoint fails to validate the identity of the requester properly.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.