Glpi · Glpi · CVE-2025-23024
**Name of the Vulnerable Software and Affected Versions**
GLPI versions 0.72 through 10.0.17
**Description**
The issue allows an anonymous user to disable all active plugins. The estimated number of potentially affected devices is not provided. There is no information about real-world incidents where this issue was exploited.
Technical details about exploitation include the `install/update.php` file.
**Recommendations**
For versions 0.72 through 10.0.17, update to version 10.0.18 to resolve the issue.
As a temporary workaround, consider deleting the `install/update.php` file until the patch is applied.