CVE-2025-42605

Name of the Vulnerable Software and Affected Versions Meon Bidding Solutions (affected versions not specified)

Description This issue exists due to improper authorization controls on certain API endpoints for the initiation, modification, or cancellation operations. An authenticated remote attacker could exploit this by manipulating parameters in the API request body to gain unauthorized access to other user accounts. Successful exploitation could allow a remote attacker to perform authorized manipulation of data associated with other user accounts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.