PT-2025-31389 · Glpi+2 · Glpi+2

Geraldino2

Published

2025-07-29

Updated

2025-10-07

CVE-2025-53113

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions GLPI versions 0.65 through 10.0.18

Description GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.65 through 10.0.18, a technician can use the external links feature to access information on items they are not authorized to view.

Recommendations Update to version 10.0.19 or later.

Exploit

Fix

Improper Access Control

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284CWE-862

Related Identifiers

ALT-PU-2025-10163

ALT-PU-2025-9984

BDU:2025-12947

CVE-2025-53113

GHSA-R2MM-6499-4M8J

Affected Products

Alt Linux

Glpi

Red Os

PT-2025-31389 · Glpi+2 · Glpi+2

CVE-2025-53113

Weakness Enumeration

Related Identifiers

Affected Products

References · 13