Envasadora H2O Eireli · Soda Cristal · CVE-2025-52389
Name of the Vulnerable Software and Affected Versions:
Envasadora H2O Eireli - Soda Cristal version 40.20.4
Description:
An Insecure Direct Object Reference (IDOR) exists in Envasadora H2O Eireli - Soda Cristal version 40.20.4. Authenticated attackers can access sensitive data belonging to other users by crafting a malicious HTTP request.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.