CVE-2025-8260

Name of the Vulnerable Software and Affected Versions Vaelsys version 4.1.0

Description A vulnerability has been found in Vaelsys 4.1.0 and classified as problematic. This vulnerability affects unknown code of the file /grid/vgrid server.php of the component MD4 Hash Handler. The manipulation of the argument xajaxargs leads to the use of a weak hash. The attack can be initiated remotely, but the complexity is rather high and exploitation appears to be difficult. The exploit has been disclosed to the public. The vendor was contacted about this disclosure but did not respond.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.