PT-2025-11047 · Unknown · Tnexus Airport View

Published

2025-03-12

Updated

2025-03-14

CVE-2025-25709

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: tNexus Airport View version 2.8

Description: The issue allows a remote attacker to escalate privileges. This is achieved via the "addUser" and "updateUser" endpoints.

Recommendations: For version 2.8, consider disabling access to the addUser and updateUser endpoints as a temporary workaround until a patch is available. Restrict access to these endpoints to minimize the risk of exploitation.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2025-25709

Affected Products

Tnexus Airport View

PT-2025-11047 · Unknown · Tnexus Airport View

CVE-2025-25709

Related Identifiers

Affected Products

References · 4