CVE-2025-48860

Name of the Vulnerable Software and Affected Versions: ctrlX OS (affected versions not specified)

Description: A vulnerability in the web application of the ctrlX OS setup mechanism allowed an authenticated attacker with low privileges to gain remote access to backup archives created by a user with elevated permissions. Depending on the content of the backup archive, an attacker may have been able to access sensitive data.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.